search

EmbarkStudios / cargo-deny

❌ Cargo plugin for linting your dependencies 🦀
http://embark.rs
Apache License 2.0
1.71k stars 83 forks source link

How to force using a version via [patch] #584

Closed dcecile closed 8 months ago

dcecile commented 9 months ago

Is your feature request related to a problem? Please describe. Following the cargo-deny book, I'm trying to set up this use case:

Maybe, even though the versions are supposedly incompatible according to semver, they actually aren't, and you can temporarily introduce a [patch] to force the crate to use a particular version for your entire workspace.

I want to do a simple version override where the new version already published on crates.io. For example, this is just one line in NPM.

But I can't find any info in the Cargo book or elsewhere about how to do this.

Describe the solution you'd like

It would be nice if this part of the cargo-deny book linked to a how-to article or had a Cargo.toml example.

If the only options are changing the "version dependency" to a "Git dependency", or forking the package causing the dependency, that might be nice to explain.

Describe alternatives you've considered I tried this [patch] section...

[patch.crates-io]
windows-targets = { version = "0.52.0" }

...but it gives this error:

error: failed to resolve patches for `https://github.com/rust-lang/crates.io-index`

Caused by:
  patch for `windows-targets` in `https://github.com/rust-lang/crates.io-index` points to the same source, but patches must point to different sources

Additional context

Presumably related open Cargo issues:

Jake-Shadle commented 9 months ago

The wording is confusing, but it means that you can patch one or more of the crates that depend on a crate to relax/refine the version constraint without making any changes to the code itself.

dcecile commented 8 months ago

Let's suppose I have the following dependency chain:

And in this scenario, I want to use a different version of C.

So I could patch B, right? For someone who's never done this before, this means forking B and editing its Cargo.toml, then adding a line in [patch] to use my forked B (e.g. on GitHub) instead of the original B?

Jake-Shadle commented 8 months ago

Yes.

dcecile commented 8 months ago

Perfect, thank you!