Recently, one of my users reported a compilation failure with my package. I have noticed I relied on a feature of dbus package introduced in
0.9.1 while I specified
dbus = "0.9" in my
Is there a way to compile my project with a oldest possible versions of the dependencies so I know that my dependencies are correct?
I have also get another issue with clap. My
clap = "2.0", but on older rust editions, clap >= 2.28 does not compile. I have not find any easy way to enforce the version of a dependency. Finally, I have changed my dependency in
clap = "2.0, < 2.28". I am not very satisfied of the workaround: the user of newer rust edition still use an outdated version of clap.
I believe that
clap has made a mistake when declaring the minimal supported edition, but it is now too late to fix it. If they have had a tool to check their requirements maybe it didn't happen. What do you think?
Globally, does anyone have some recipe to deal with that issues?
I don't know, but here are some relevant Cargo tickets:
Please don't do this. If users of your crate need an older version they can force the version themself. Using an upperbound will make it impossible to use your crate if they also happen to depend on 2.y where y >= 28 as cargo doesn't allow more than one semver compatible version of a crate to be used inside a workspace.
I agree, but I did not find any easy way to enforce a version. Do you have any suggestion?
Yes. Upgrade to a modern version of clap, it's at 3.x by now.
Granted it doesn't prevent the issue from happening again in principle, but it does solve it now without crippling the dependency upgrade path.
Unfortunately, I don't have the time to make this migration for now.
BTW, how am I going to support my users with older rust editions?
Is your crate a library or an application? The other responders seem (I apologize if I misunderstand) to be assuming that it is a library, but it seems unusual for a library to depend on
A library of mine did once depend on
clap, but that was strange and I don't think I approve of it in hindsight.
An application. You can find it here: wisun-br-linux/app_wsbrd_cli at main · SiliconLabs/wisun-br-linux · GitHub.
For applications you should check in
Cargo.lock. This file contains the exact versions to use for all crates when building your application.
You mean I should provide my
Cargo.lock for binaries.
Cargo lock in .gitignore for libraries.
Make sense. I am going to think about that.
At least, I have answer to one of my question: I can enforce the version of
cargo update -p clap --precise 2.27.1