Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Odd behaviour for non-precise git dependencies in Cargo.lock #13300

Open
espindola opened this issue Jan 15, 2024 · 4 comments
Open

Odd behaviour for non-precise git dependencies in Cargo.lock #13300

espindola opened this issue Jan 15, 2024 · 4 comments
Labels
A-diagnostics Area: Error and warning messages generated by Cargo itself. A-git Area: anything dealing with git A-lockfile Area: Cargo.lock issues C-bug Category: bug S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.

Comments

@espindola
Copy link

Problem

If a Cargo lock is mistakenly edited to have a non-precise git dependency, like:

[[package]]
name = "foo"
version = "0.1.0"
source = "git+ssh://espindola@localhost/home/espindola/code/cargo-bug/foo"

I would expect an error, but instead the behavior is pretty odd:

  • Cargo will check the repo on every build. In the above example, it always prints
 Updating git repository `ssh://espindola@localhost/home/espindola/code/cargo-bug/foo`
  • Adding a new commit with a new version to the dependency breaks the build. In this example, adding foo 0.2.0 causes:
    Updating git repository `ssh://espindola@localhost/home/espindola/code/cargo-bug/foo`
error: failed to select a version for the requirement `foo = "*"` (locked to 0.1.0)
candidate versions found which didn't match: 0.2.0
location searched: Git repository ssh://espindola@localhost/home/espindola/code/cargo-bug/foo
required by package `bar v0.1.0 (/home/espindola/code/cargo-bug/bar)`

I can't rule out this being an odd feature, but I could not find it in the Cargo book and can't think how it would be used.

Steps

No response

Possible Solution(s)

No response

Notes

No response

Version

cargo 1.71.1
release: 1.71.1
host: x86_64-alpine-linux-musl
libgit2: 1.6.4 (sys:0.17.1 vendored)
libcurl: 8.5.0 (sys:0.4.61+curl-8.0.1 system ssl:OpenSSL/3.1.4)
os: Alpine Linux 3.18.5 [64-bit]
@espindola espindola added C-bug Category: bug S-triage Status: This issue is waiting on initial triage. labels Jan 15, 2024
@epage epage added A-lockfile Area: Cargo.lock issues A-git Area: anything dealing with git labels Jan 15, 2024
@Eh2406
Copy link
Contributor

Eh2406 commented Jan 21, 2024

Cargo lock is mistakenly edited

Other tools/users editing cargo.lock is not a documented use case. So this feels like "you broke an internal data structure and got an odd behavior". That being said, this does feel like a dumb thing for cargo to do, so I would be okay with fixing it. Specifically I would be okay with either cargo reporting in error on this lock file, or updating git dependency identifying the precise revision and updating the lock file to match.

@weihanglo
Copy link
Member

It would be helpful if a minimal reproducible example could be provided, so we the can move forward to a fix.

@weihanglo weihanglo added S-needs-info Status: Needs more info, such as a reproduction or more background for a feature request. and removed S-triage Status: This issue is waiting on initial triage. labels Mar 28, 2024
@espindola
Copy link
Author

It would be helpful if a minimal reproducible example could be provided, so we the can move forward to a fix.

I think the one in the description (#13300 (comment)) is minimal.

@espindola
Copy link
Author

It would be helpful if a minimal reproducible example could be provided, so we the can move forward to a fix.

I think the one in the description (#13300 (comment)) is minimal.

I pushed it to https://codeberg.org/espindola/cargo-bug-bar, so you can reproduce the problem with:

$ git clone https://codeberg.org/espindola/cargo-bug-bar.git
$ cd cargo-bug-bar
$ cargo check
$ cargo check

@weihanglo weihanglo added A-diagnostics Area: Error and warning messages generated by Cargo itself. S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted. and removed S-needs-info Status: Needs more info, such as a reproduction or more background for a feature request. labels Apr 4, 2024
@weihanglo weihanglo mentioned this issue Jul 11, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-diagnostics Area: Error and warning messages generated by Cargo itself. A-git Area: anything dealing with git A-lockfile Area: Cargo.lock issues C-bug Category: bug S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@espindola @epage @Eh2406 @weihanglo