Closed yanganto closed 1 year ago
Can you not lock arbitrary to a lower version in your package?
In general this is tooling so maintaining rust version compat isn't as important, and as a project we don't consider changes to the rust version requirement to be breaking.
In this specific case you can use cargo update
to locally pin. Cargo's designed to give authors resilience to this.
Furthermore, arbitrary = "1.1"
would still not fix this, you need an arbitrary = "=1.1"
constraint, which is generally considered bad practice.
Hi @Manishearth,
Thanks for the response, and it is not really breaking changes. I appreciate your work and I did not picky.
Just for your reference.
The arbitrary = "=1.1"
does not fix this scenario.
Here is the exact case I run into if you are willing to know the detail.
https://github.com/yanganto/nearcore/tree/maintenance-window-1.29.0
cargo build --bin neard
Updating crates.io index error: package
derive_arbitrary v1.2.0
cannot be built because it requires rustc 1.63.0 or newer, while the currently active rustc version is 1.62.1
Yes, that's what I said, that's insufficient to pin the version. Use cargo update -p arbitrary --version whatever
Hi there,
The
arbitrary
dependency oflibfuzzer-sys
is not locked.The
1.1
version ofarbitrary
can be built withrustc
1.62.1. But1.2
version ofarbitrary
can be built withrustc
1.63 or newer.I run into issues with building an old version of an application with a specified rust version, which depends on
libfuzzer-sys
. We can avoid this in the future to dep onarbitrary = 1.1
orarbitrary = 1.2
notarbitrary = ^1
.Thanks in advanced.