When multiple sub-projects share a Manifest.toml via e.g. manifest = ../Manifest.toml, calling Pkg.update() within any sub-project is potentially destructive.
where both A/Project.toml and B/Project.toml contain the entry manifest = ../Manifest.toml.
Suppose A and B have some third-party dependencies, but do NOT depend on each other.
The top-level environment has both A and B as local "develop" dependencies.
Calling Pkg.update() in the top level environment is entirely safe, and behaves as expected. It respects the requirements of both A and B simultaneously.
Calling Pkg.update() within A results in the following changes to the top level Manifest.toml:
A's dependencies are updated, as expected
B itself, and any dependencies (that are not also dependencies of A) are removed
The project_hash changes (presumably to that computed from A/Project.toml)
I've observed this behaviour in Julia 1.9.4 and 1.10.0.
Ideally we would want an update in a sub-packge to be safe. Currently, Julia even encourages one to perform the destructive action above, because when activating the environment in A/ and running ] test, you see:
(A) pkg> test
┌ Warning: The project dependencies or compat requirements have changed since the manifest was last resolved.
│ It is recommended to `Pkg.resolve()` or consider `Pkg.update()` if necessary.
(presumably because project_hash corresponds to the top-level Project.toml rather than A/Projet.toml )
When multiple sub-projects share a
Manifest.toml
via e.g.manifest = ../Manifest.toml
, callingPkg.update()
within any sub-project is potentially destructive.For context on the set-up, see e.g. #3590 , and @nickrobinson251's comment here: https://github.com/JuliaLang/Pkg.jl/pull/3263#issuecomment-1890426685
Suppose we have the structure:
where both
A/Project.toml
andB/Project.toml
contain the entrymanifest = ../Manifest.toml
. Suppose A and B have some third-party dependencies, but do NOT depend on each other. The top-level environment has bothA
andB
as local "develop" dependencies.Calling
Pkg.update()
in the top level environment is entirely safe, and behaves as expected. It respects the requirements of both A and B simultaneously.Calling
Pkg.update()
withinA
results in the following changes to the top levelManifest.toml
:A
's dependencies are updated, as expectedB
itself, and any dependencies (that are not also dependencies of A) are removedproject_hash
changes (presumably to that computed fromA/Project.toml
)I've observed this behaviour in Julia 1.9.4 and 1.10.0.
Ideally we would want an update in a sub-packge to be safe. Currently, Julia even encourages one to perform the destructive action above, because when activating the environment in
A/
and running] test
, you see:(presumably because
project_hash
corresponds to the top-levelProject.toml
rather thanA/Projet.toml
)