search

jdx / mise

dev tools, env vars, task runner
https://mise.jdx.dev
MIT License
9.57k stars 270 forks source link

Add support to cargo backend to allow installing without specifying --locked #2753

Open kemitix opened 3 days ago

kemitix commented 3 days ago

The default when installing via the cargo backend is to automatically installed with the --locked option. This is a great default, as it installs the software with the same versions the developer worked with.

However, if a downstream dependency version is yanked, the package can no-longer be installed using the --locked parameter.

e.g. mise use -g cargo:getzola/zola@tag:v0.19.2

warning: package `bytemuck v1.16.0` in Cargo.lock is yanked in registry `crates-io`, consider running without --locked
warning: package `bytes v1.6.0` in Cargo.lock is yanked in registry `crates-io`, consider running without --locked
warning: package `futures-util v0.3.30` in Cargo.lock is yanked in registry `crates-io`, consider running without --locked
warning: package `zerovec v0.10.2` in Cargo.lock is yanked in registry `crates-io`, consider running without --locked
warning: package `zerovec-derive v0.10.2` in Cargo.lock is yanked in registry `crates-io`, consider running without --locked

Adding the option to run without --locked would allo packages like this to be installed.

jdx commented 3 days ago

we could have a tool option here like locked = false I think