Open lann opened 4 months ago
I can't imagine that use case, at the moment. Maybe start simple and lazy evaluate if we need to change.
Discussed this a bit with @fibonacci1729. There are tradeoffs with both lock-per-tool and one-lock-to-rule-them-all:
I think this is best resolved with prototyping, so I'm proposing the following initial approach:
wasm-pkg.lock
[[dependency]]
s record a specific dependency specification, e.g. wasi:http@{>=0.2.0}
tools
field listing the tool(s) that need this direct dependency: tools = ["wit", "cargo-component", "jco"]
Each tool will be responsible for managing its own entry in this list. If a tool removing itself from this list makes the list empty, the entry is deleted.[[package]]
s, reflecting specific resolutions of both the direct dependency
s and transitive dependenciespackage
matching each dependency
. This implies that any "upgrade" operation may upgrade dependencies for all tools.
dependency
would be explicitly linked to a package
, allowing multiple different resolutions for overlapping dependency specs.We just merged support for a basic lock file adapted from the wit tool in cargo component with the merge of #91. We can keep this open as we might need to do some more prototyping, but just wanted people to be aware
This could probably just be adapted from https://github.com/bytecodealliance/cargo-component/blob/main/crates/core/src/lock.rs
Open question: Should there be a single e.g.
wasm-pkg.lock
file (per workspace) or should each tool pick its own name (likewit.lock
today)? Would you ever want different resolved package versions for different tools in the same workspace?