Currently we only prune imports when doing an explicit prune or when certifying a new audit for the crate. This patch updates the behaviour to also prune imports whenever we are otherwise also adding new imports for the given crate.
This gives us an opportunity to automatically prune old publisher entries when updating a dependency with a trusted entry or wildcard audit, which otherwise wouldn't happen until cargo vet prune is explicitly called.
This pruning happens after resolution, so existing imports will still be preferred, and cargo vet prune may still perform additional cleanup. Exemptions, git audits, and unpublished entries aren't impacted.
Currently we only prune imports when doing an explicit prune or when certifying a new audit for the crate. This patch updates the behaviour to also prune imports whenever we are otherwise also adding new imports for the given crate.
This gives us an opportunity to automatically prune old publisher entries when updating a dependency with a trusted entry or wildcard audit, which otherwise wouldn't happen until
cargo vet prune
is explicitly called.This pruning happens after resolution, so existing imports will still be preferred, and
cargo vet prune
may still perform additional cleanup. Exemptions, git audits, and unpublished entries aren't impacted.Fixes #620