Recently I was made aware of the issue in one of my crates where it wouldn’t compile anymore with a fairly weird error, despite crate not receiving any changes since it has been initially written. Turns out the person was using a fairly old version of
rustc 1.17.0 (e.g. provided by distribution packages).
The situation occurs with a
Cargo.toml as follows:
[dependencies] clap = "2.23"
cargo today picks a sem-ver compatible version of
clap =2.29. However somewhere in between version
clap upgraded its
bitflags dependency from
bitflags=1.0, however, requires rustc 1.20 to compile, and so the crate dependent on
clap ^2.23 cannot compile with
rustc 1.17.0 anymore, even though it could compile fine before.
Where should the responsibility fall here?
clap have bumped the major version when releasing a version which (indirectly) drops support for older versions of
rustc? Should the crate depending on
clap in the scenario described above specify
=2.23 instead of
If former, then clearly community isn’t being sufficiently meticulous when bumping dependency versions and we should educate (… evangelise?) maintainers better. If latter, won’t we essentially lose most of the benefits semver brings us in the first place? Is there an unambiguous answer?
I remember there was some chatter regarding this in the past, but not sure if any conclusion was arrived to.