calvinrp
commented
4 months ago I can't imagine that use case, at the moment. Maybe start simple and lazy evaluate if we need to change.
Open lann opened 4 months ago
calvinrp
commented
4 months ago I can't imagine that use case, at the moment. Maybe start simple and lazy evaluate if we need to change.
lann
commented
4 months ago Discussed this a bit with @fibonacci1729. There are tradeoffs with both lock-per-tool and one-lock-to-rule-them-all:
I think this is best resolved with prototyping, so I'm proposing the following initial approach:
wasm-pkg.lock[[dependency]]s record a specific dependency specification, e.g. wasi:http@{>=0.2.0}tools field listing the tool(s) that need this direct dependency: tools = ["wit", "cargo-component", "jco"] Each tool will be responsible for managing its own entry in this list. If a tool removing itself from this list makes the list empty, the entry is deleted.[[package]]s, reflecting specific resolutions of both the direct dependencys and transitive dependenciespackage matching each dependency. This implies that any "upgrade" operation may upgrade dependencies for all tools.
dependency would be explicitly linked to a package, allowing multiple different resolutions for overlapping dependency specs.
thomastaylor312
commented
1 week ago We just merged support for a basic lock file adapted from the wit tool in cargo component with the merge of #91. We can keep this open as we might need to do some more prototyping, but just wanted people to be aware
This could probably just be adapted from https://github.com/bytecodealliance/cargo-component/blob/main/crates/core/src/lock.rs
Open question: Should there be a single e.g.
wasm-pkg.lockfile (per workspace) or should each tool pick its own name (likewit.locktoday)? Would you ever want different resolved package versions for different tools in the same workspace?