While the default for library projects is to exclude Cargo.lock from version control as the final application crate should decide which dependencies versions to fix, this does not really apply to a crate that is shipped as a Python wheel. Since this implies shipping binaries, all dependencies should be locked for proper reproducibility of the resulting builds.
While the default for library projects is to exclude Cargo.lock from version control as the final application crate should decide which dependencies versions to fix, this does not really apply to a crate that is shipped as a Python wheel. Since this implies shipping binaries, all dependencies should be locked for proper reproducibility of the resulting builds.