Latest version being installed even though a fixed version is specified

[sunshowers]

Hi again --

Noticed that the latest version of a crate is being installed even though a fixed version is specified.

For example, this workflow installed version 0.22.2: https://github.com/nextest-rs/nextest/actions/runs/3389729301/jobs/5633134431

With this workflow file: https://github.com/nextest-rs/nextest/actions/runs/3389729301/workflow#L104-L107

Could you look into this? Thanks!

[sunshowers]

Oh I think I need to specify the version with an equals sign. Wondering if this is caused by a difference between cargo's and node's respective meanings of semver version requirements around 0.x versions.

[sunshowers]

Thinking about this a bit more: I think that when an exact version is specified, most people expect the installation to be for that specific version -- otherwise, the standard semver requirement logic should apply.

I wrote a Rust version of this logic here:

• https://github.com/nextest-rs/nextest/blob/329d73743d58a382c6c67f9b1054e81df557e8ef/nextest-runner/src/update.rs#L455-L505
• https://github.com/nextest-rs/nextest/blob/329d73743d58a382c6c67f9b1054e81df557e8ef/nextest-runner/src/update.rs#L150-L173

What do you think?

[baptiste0928]

Thanks for reporting this bug!

Node treats caret requirements the same way as cargo, but this isn't properly implemented in the compare-versions package that is used to handle version requirements (https://github.com/omichelsen/compare-versions/issues/65).

I will switch to the semver package (that is internally used by npm).

[sunshowers]

Thanks! What do you think of the suggestion to use the exact version if one is specified that way?

[baptiste0928]

Hi again ! I switched to semver in the next branch. Can you please test it on your workflow and tell me if it works?

You can use the next branch in your workflow with the following syntax:

-  uses: baptiste0928/cargo-install@next

What do you think of the suggestion to use the exact version if one is specified that way?

It's a good idea, I added this to the planned features for v2 (#5).

[begleynk]

Just swinging by to report that this didn't seem to work for me in the next branch with the caret syntax:

Run baptiste0928/cargo-install@next      # Using next branch
  with:
    crate: tauri-cli
    version: ^1.0.0-rc.10      # Explicit version
    locked: false
  env:
     ...
Installing tauri-cli ...
  Fetching crate information on crates.io ...
  Installation settings:
     version: 1.2.2         # Version gets ignored
...

Update: Ignore me - I think this may be an issue on my end. Leaving the comment here just in case it is helpful.

[MeerKatDev]

This still picks up the last one (v0.23.0)

    - name: Install uniffi_bindgen
      uses: baptiste0928/cargo-install@v1
         with:
           crate: uniffi_bindgen
           version: "0.22.0"

[baptiste0928]

I just released an update that switches to semver for version resolution, this should fix this issue :smile: