Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What version should we default to within a workspace? #29

Closed
epage opened this issue Nov 16, 2023 · 5 comments · Fixed by #137
Closed

What version should we default to within a workspace? #29

epage opened this issue Nov 16, 2023 · 5 comments · Fixed by #137
Labels
discussion

Comments

@epage
Copy link
Collaborator

epage commented Nov 16, 2023

Currently, we default to the highest version in the workspace. What if that isn't the direct dependency but is a transitive dependency?

Options

  • Pick highest
  • Prioritize the parent directories package
  • Prioritize if its a direct dependency of any workspace member
@hi-rustin
Copy link
Owner

  • Prioritize the parent directories package

What do you mean by this?
Does it depend on the directory where the command is executed?

@epage
Copy link
Collaborator Author

epage commented Nov 21, 2023

Just like cargo does discovery of a manifest for cargo check, select that manifest for cargo info and if the user-specified package is a direct dependency, use that version.

@epage epage mentioned this issue Jan 3, 2024
Open
8 tasks
@hi-rustin
Copy link
Owner

I think we already did this, right?

For example:

ahash is a transitive dep of cargo-information.

If you run ahash under cargo-information dir:

ahash #hash #hasher #hashmap #aes #no-std
A non-cryptographic hash function using AES-NI for high performance
version: 0.8.8 (latest 0.8.9)
license: MIT OR Apache-2.0
rust-version: 1.72.0
documentation: https://docs.rs/ahash
repository: https://github.com/tkaitchuck/ahash
features:
  default          = [std, runtime-rng]
  std              = []
  runtime-rng      = [getrandom]
  getrandom        = [dep:getrandom]
  atomic-polyfill  = [dep:atomic-polyfill, once_cell/atomic-polyfill]
  compile-time-rng = [const-random]
  const-random     = [dep:const-random]
  nightly-arm-aes  = []
  no-rng           = []
  serde            = [dep:serde]
dependencies:
  atomic-polyfill@1.0.1
  cfg-if@1.0
  const-random@0.1.17
  getrandom@0.2.7
  serde@1.0.117
  zerocopy@0.7.31
  once_cell@1.18.0
build-dependencies:
  version_check@0.9.4
owners:
  tkaitchuck (Tom Kaitchuck)
note: to see how you depend on ahash, run `cargo tree --invert --package ahash@0.8.8`

@hi-rustin
Copy link
Owner

Or I misunderstood transitive dependency?

@epage
Copy link
Collaborator Author

epage commented Feb 22, 2024

Say my dependency graph looks like

member1

  • ahash v1
  • dep1
    • ahash v3
      member2
  • ahash v2
  • dep2
    • ahash v1
      member3
  • dep2
    • ahash v1
  • dep4
    • dep1
      • ahash v3

Which ahash should we select?

  • v3 because we pick the highest
  • v2 because it is the highest version among the most shallow
  • v1 because I'm in member3 and that is the highest version among the most shallow set of ahash

@hi-rustin hi-rustin mentioned this issue Mar 12, 2024
Merged
This was referenced Mar 22, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Prefer direct dependencies over transitive dependencies epage/cargo-information
2 participants
@epage @hi-rustin