Finomnis
commented
4 months ago @mciantyre I also fixed it so that we don't force the user to upgrade to a newer dependency version.
Closed Finomnis closed 4 months ago
Finomnis
commented
4 months ago @mciantyre I also fixed it so that we don't force the user to upgrade to a newer dependency version.
Finomnis
commented
4 months ago I think that points one and two are true.
In my opinion the point where I disagree is that the user should be able install a version with a defect. If a dependency has a defect, it should be yanked. All non-yanked versions should work fine, just have a different amount of features.
I'm concerned I can't provide a guarantee like "imxrt-usbd works with 1.74 for 8 months" if I need to force a dependency update.
I'm not sure how you could ever guarantee that. As you mentioned, if there is a defect in a dependency, and a new version of the dependency fixes the defect but features a new MSRV, then you need to update, no matter what. I guess that's a general problem of not having the control over all dependencies.
So I'm unsure what to do now... Do you object to the changes I proposed in general? Just don't have an MSRV?
Finomnis
commented
4 months ago @mciantyre The official guidelines seem to be:
There don't seem to be more than that, so it's kind of open to interpretation.
In my own projects, I check all four of:
Although I do suppose this is a little overkill.
Finomnis
commented
4 months ago As more references, this is how tokio does the min-versions thing: https://github.com/tokio-rs/tokio/blob/59579465bee804b65a66f95c810c3ea01bb923a1/.github/workflows/ci.yml#L277-L307
And here is some more discussion around that topic: https://users.rust-lang.org/t/psa-please-specify-precise-dependency-versions-in-cargo-toml/71277
Finomnis
commented
4 months ago Closed due to inactivity.
This is an alternative to #26 and #27.
It combines the MSRV and minimal-versions check. This has several advantages: