Is this normal behavior that cargo install
don't respect lock file and downloads/compiles newest versions of dependencies? There's no versions specified in toml file.
Cargo.lock
isn't included in the package uploaded to crates.io, so there's no way for cargo install
to use the lockfile for these packages. This feels like a bug, especially because installing the same package using cargo install --git <repo>
will correctly use the lockfile.
I filed an issue to for this: Packages for binary crates should include Cargo.lock · Issue #2263 · rust-lang/cargo · GitHub
Thanks!