Prune unused deps + general dependency cleanup #324
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm submitting a
All dependency entries were sorted.
eval
,fs_extra
, and all dev dependencies were dropped from theapp
crate as they were unused.eval
,fs_extra
,openssl
,paw
,structopt
, andtracing-subscriber
were dropped from regular dependencies of the lib crate, andtempdir
,assert_cmd
,predicates
, andassert_fs
were removed from dev-dependencies.In one test, usage of
tempdir
was replaced with the tempdir functionality oftempfile
astempdir
is deprecated.Every dependency was bumped to the latest possible minor version. Major versions would likely require a more hand-done audit, but minor versions are supposed to be back-compatible and safe to update aggressively. Tests still run fine after doing this, so I'm erring on that semver was properly followed for dependencies.
The only potentially contentious part here is that I dropped the patch version pin on each dep, preferring instead to only specify major.minor. The whole dep tree is already pinned via
Cargo.lock
, and I prefer to let the most recent patch be more aggressively consumed. Due to the way cargo resolves dependencies, Minor version is much less safe of a guarantee due to the way that Minor doesn't need to be forward-compatible by design.If there's a particular reason why every dep is pinned down to patch version, I'll go through and pin each to the current latest patch for the minor version. Patch version changes should always be cross compatible both forward and back, the exception here would be non-semver compliant crates.