Closed oxalica closed 1 month ago
Upholding that is tricky. The purpose of the msrv
lock here is really just to ensure that the CI passes. However I agree that this is not ideal for the cargo-insta case and a regression from when we had a dedicated lock file for it. I was hoping the binaries we distribute now solve that case for most users. I will have a look.
Closed by #524
What happened?
On both tag
1.39.0
and current master (569bbade9d9ff4bd43fe4138bdcbde00a6bf34c4), theCargo.lock.msrv
is outdated and some dependencies are missing from lock file.This affects downstream distro packager like nixpkgs (https://github.com/NixOS/nixpkgs/issues/317404) since we requires a frozen lock file with all necessary hashes included.
Reproduction steps
cp Cargo.lock.msrv Cargo.lock
cargo build -p cargo-insta --locked
When running
cargo build -p cargo-insta
without--locked
flag, it will update the lock file with the following change:Insta Version
both 1.39.0 and master
rustc Version
1.78.0
What did you expect?
cargo build -p cargo-insta --locked
should succeed without updating the lock file or recalculation any dependency hashes.I'd like to actually commit
Cargo.lock
to the repository to prevent future mis-synchronization issue. Otherwise, we should at least add--locked
in CI to catch it.