Enforce lockfile floors for time and bytes by multiplex55 · Pull Request #804 · multiplex55/Multi_Launcher

multiplex55 · 2026-02-07T16:06:24Z

Ensure transitive dependencies time and bytes resolve to known-safe minimums to avoid accidental downgrades or incompatibilities.
Provide an automated, deterministic guard so maintainers can detect lockfile regressions locally and in CI.

Add explicit dependency floor constraints in Cargo.toml: time = ">=0.3.47, <0.4" and bytes = ">=1.11.1, <2" to express the required minimums.
Regenerate Cargo.lock so time resolves to 0.3.47 and bytes resolves to 1.11.1 (remove older resolved versions for those crates).
Add tests/dependency_floor_guard.rs, a deterministic, offline-safe test that parses Cargo.lock, asserts each crate appears exactly once, and verifies time >= 0.3.47 and bytes >= 1.11.1, including a local SemVer helper and unit tests for the helper.
Update README.md to document the enforcement command for maintainers: cargo test --test dependency_floor_guard.

Ran cargo update -p time --precise 0.3.47 && cargo update -p bytes --precise 1.11.1, which succeeded and updated Cargo.lock to the targeted versions.
Ran a local script to inspect Cargo.lock and confirmed time is 0.3.47 and bytes is 1.11.1.
Attempted cargo test --test dependency_floor_guard on the environment default toolchain which failed because time 0.3.47 requires rustc 1.88.0.
Attempted cargo +1.88.0 test --test dependency_floor_guard, which progressed but the build ultimately failed in this Linux environment due to a missing system alsa development library required by a transitive native crate, not due to the guard test logic itself.

Enforce dependency floor versions for time and bytes

c3d5438

multiplex55 added the codex label Feb 7, 2026 — with ChatGPT Codex Connector

Remove dependency floor guard test

f99312c

multiplex55 merged commit dde5d08 into master Feb 7, 2026
1 check passed

multiplex55 deleted the codex/update-dependency-resolution-strategy-in-cargo.toml branch February 8, 2026 01:16

Provide feedback