search

kbknapp / cargo-outdated

A cargo subcommand for displaying when Rust dependencies are out of date
MIT License
1.2k stars 94 forks source link

Cargo outdated doing invalid resolution of crates #376

Open twirrim opened 9 months ago

twirrim commented 9 months ago

If I get a chance later, I'll dig in to cargo outdated to see how it's doing the crate resolution logic, but it's doing something strange. Minimal repro case in a Cargo.toml:

[package]
name = "outfail"
version = "0.1.0"
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
refinery = { version = "0.8", features = ["rusqlite"]}
rusqlite = { version = "0.29", features = ["bundled"] }

Note that we're pinning rusqlite to version 0.29. cargo build will compile quite happily.

Cargo outdated throws an error tying in to the libsqlite-sys crate:

error: failed to select a version for `libsqlite3-sys`.
    ... required by package `rusqlite v0.23.0`
    ... which satisfies dependency `rusqlite = ">=0.23, <=0.29"` of package `refinery-core v0.8.11`
    ... which satisfies dependency `refinery-core = "^0.8.11"` of package `refinery v0.8.11`
    ... which satisfies dependency `refinery = "^0.8.11"` of package `outfail v0.1.0 (/tmp/user/1000/cargo-outdatedYiSfTo)`
versions that meet the requirements `^0.18.0` are: 0.18.0

the package `libsqlite3-sys` links to the native library `sqlite3`, but it conflicts with a previous package which links to `sqlite3` as well:
package `libsqlite3-sys v0.27.0`
    ... which satisfies dependency `libsqlite3-sys = "^0.27.0"` of package `rusqlite v0.30.0`
    ... which satisfies dependency `rusqlite = "^0.30.0"` of package `outfail v0.1.0 (/tmp/user/1000/cargo-outdatedYiSfTo)`
Only one package in the dependency graph may specify the same links value. This helps ensure that only one copy of a native library is linked in the final binary. Try to adjust your dependencies so that only one package uses the links ='libsqlite3-sys' value. For more information, see https://doc.rust-lang.org/cargo/reference/resolver.html#links.

failed to select a version for `libsqlite3-sys` which could resolve this conflict

For reasons I'm not clear on, that second block is suggesting I have rusqlite pinned to version ^0.30.0, when you can see from the Cargo.toml it's set to 0.29. Looking at upstream refinery-core at the time of writing/release: https://github.com/rust-db/refinery/blob/0118f0101b0e171498f965bf26e20d9b2072c4ff/refinery_core/Cargo.toml#L33 that's showing what we see in the resolver output ">= 0.23, <= 0.29".

Switching Cargo.toml to use that version range for rusqlite still returns the same message, erroneously claiming pinned to ^0.30.0.

max-sixty commented 2 months ago

FWIW we get the same error when running cargo outdated in PRQL:

https://github.com/PRQL/prql, latest commit is 67453ae1