Cargo Pinned Version Trouble?

Given this Cargo.toml file...

[package]
name = "pinned-version"
version = "0.1.0"
edition = "2021"

[dependencies]
chrono = "^0.4.21"

I expect chrono to be pinned to version 0.4.21. However, Cargo used 0.4.23. Cargo.lock snippet...

[[package]]
name = "chrono"
version = "0.4.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16b0a3d9ed01224b22057780a37bb8c5dbfe1be8ba48678e7bf57ec4b385411f"
dependencies = [

Am I misunderstanding the documentation?

If you want to pin a specific version you need "= 0.4.21"

Caret requirements are an alternative syntax for the default strategy, ^1.2.3 is exactly equivalent to 1.2.3.

From that same link
https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#caret-requirements

1 Like

Ah. Now I understand. By "exactly equivalent" the author means in the sense of string comparison not semantic version comparison.

The string values "^1.2.3" and "1.2.3" have the exact same semantic meaning to cargo, yeah

It didn't occur to me before but that is an unfortunately ambiguous way to phrase that part of the documentation.

1 Like