Tracking MSRV of dependencies

1

I've been using cargo-outdated for a long time to track outdated dependencies, but a while back someone (on here?) mentioned that cargo update --verbose is slowly making cargo-outdated redundant. I tried it, and while it was true, I think I was just more used to the output format of cargo-outdated.

But recently when I went on a "update dependencies" rampage, I ran into the issue where cargo-outdated won't work with custom crate registrys, so I began using cargo update [--dry-run] --verbose more, and I noticed that somewhat recently it started doing this neat thing where it tells you which dependencies are being held back due to unmet MSRV requirements.

Nifty! I've been religiously putting rust-version in crates and feeling that I'm probably doing something good, but not really knowing what. But now I know!

3 Likes
2

The MSRV-aware resolver became the default with the 2024 edition. Users can opt-into it without upgrading to the 2024 edition via the config field.

It is important to verify your latest deps and verify your MSRV in CI.

4 Likes
3
Kind of off-topic

I feel obliged to also encourage people to adopt zizmor (for securing GitHub Actions) and cargo-vet (for incremental and collaborative dependency auditing). I am not affiliated with either project, I just think they are good tools and want people to enjoy them as much as I do.

1 Like