Dependency in Cargo.toml

This is a really basic question bit I am somewhat confused with it. Where is a dependency fetched from if I specify its version as well as git in cargo.toml?

It is fetched from the specified git repo, using the commit specified in Cargo.lock if there is one, or else from the branch, tag, or rev specified, or else from the head of the default branch.

After it is fetched, Cargo will check that its version is compatible with your specified version, and will quit with an error if it is not.

1 Like

Check compatibility with crate version on crates.io?

No - rather, the check is that the crate downloaded via git has the same version in its Cargo.toml as the version you specified.

Note that that's only the case, though, if you compile the crate with the dependency locally. When uploading to crates.io, the version will be used instead of the git url.

Say crate bbb has a dependency on aaa = { version = "1", git = "..." }. If you compile bbb locally, it will download aaa via git. If, however, you upload bbb to crates.io & then depend on it via bbb = "1", then both bbb and aaa will be downloaded from crates.io (not git).

This allows for a group of crates which are often developed together to use the dev versions when compiled locally for being developed and the release versions when released without changing the Cargo.toml for releasing. See Specifying Dependencies - The Cargo Book for more information on this.

2 Likes

Thank you for the detailed explanation!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.