cargo-hack Per-crate Cargo.lock checks?

Per-crate Cargo.lock checks?

Open kornelski opened this issue 1 year ago • 1 comments

Would it make sense to adapt cargo-hack for checking dependency version resolution per crate in a workspace? Especially with -Z minimal-versions.

If I have:

workspace
- my_crate1
  - serde = "1.0.1"
- my_crate2
  - serde = "1.0.123"

Then my_crate1 will only be tested with serde v1.0.123, but if I publish it outside of the workspace, someone else could use it with older dependencies I never tested with. The problem is not limited to direct dependencies in the workspace - the same thing can happen with transitive dependencies:

workspace
- my_crate1
  - serde = "1.0.1"
- my_crate2
  - wants_newer_serde = "7"

So I think the hack needed here is to remove crates from the workspace, re-link them as path dependencies if needed (or with [patch]? not sure), and test with individual Cargo.locks.

Feb 05 '24 16:02 kornelski

cargo-hack cargo-hack copied to clipboard

Per-crate Cargo.lock checks?

cargo-hack
cargo-hack copied to clipboard