Closed philbooth closed 6 years ago
Would you want to go back to specific versions once this ships to prod? IIRC, the reason we pin to versions is so that we can remove one variable, dependency version, if tests fail on stage/prod but not locally.
we could also use the > operator but I don't see the point really
I like those instead of *
If we do rocket = ">0.3.12"
and at some point Rocket breaks, we can just set `rocket = ">0.3.12, <1" and call it a day, I think it is more well defined that way. Otherwise the "*" makes it harder to 'bisect' a broken dependency
Would you want to go back to specific versions once this ships to prod?
Not really.
IIRC, the reason we pin to versions is so that we can remove one variable, dependency version, if tests fail on stage/prod but not locally.
We still get that without putting hard version strings in Cargo.toml
fwiw, because Cargo.lock
always hard-codes a version string regardless. All this affects is the behaviour when we run cargo update
.
If we do
rocket = ">0.3.12"
and at some point Rocket breaks, we can just set `rocket = ">0.3.12, <1" and call it a day, I think it is more well defined that way. Otherwise the "*" makes it harder to 'bisect' a broken dependency
Good point, well made. I am persuaded.
Hey guys, I will work on this :)
The workflow for updating dependencies when you specify full version strings in
Cargo.toml
is more awkward and doesn't actually add any benefits (imho).This is my workflow for updating dependencies:
rustup update
cargo update
cargo t
If all of the version strings in
Cargo.toml
are"*"
">x.y.z"
, we'll automatically take the last version of everything then test stuff still works. If there are failures, we can resolve them on a case-by-case basis.However, if we use version strings in
Cargo.toml
, it only updates as far as it can without changing the most-significant (non-zero) component of the version string (docs). To update beyond that requires doing a manualcargo search foo
or whatever for each dependency and then changing the version inCargo.toml
accordingly if a newer version is available. All of the steps for testing and so on are the same, it just makes the update part more difficult.Hence I'm proposing we specify
"*"
">x.y.z"
for everything and make life easier.(we could also use the>
operator but I don't see the point really)