I have a workspace where running cargo update fails with the following:
error: cyclic package dependency: package `serde_json v1.0.66` depends on itself. Cycle:
package `serde_json v1.0.66`
... which is depended on by `wasm-bindgen v0.2.75`
... which is depended on by `js-sys v0.3.52`
... which is depended on by `getrandom v0.2.3`
... which is depended on by `ahash v0.7.4`
... which is depended on by `hashbrown v0.11.2`
... which is depended on by `indexmap v1.7.0`
... which is depended on by `serde_json v1.0.66`
... which is depended on by `stdweb-internal-macros v0.2.9`
... which is depended on by `stdweb v0.4.20`
... which is depended on by `time v0.2.27`
... which is depended on by `cookie v0.14.4`
... which is depended on by `actix-http v2.2.1`
I think this is happening because something else in the dependency tree (not ahash) is turning on the js feature of the getrandom crate, which is incorrect in this case as it's not a wasm build.
I'm looking at the inverse dependency tree with cargo-tree and I haven't been able to find any chain of features that would cause this yet. Does anyone have any tips for troubleshooting or resolving feature toggles in a systematic manner? Hunting down Cargo.toml files and resolving features in my head isn't working out so far.