List of packages failing to build due to a missing or broken Cargo.lock

[paper42]

• cargo-auditable cargo-auditable: patch lockfile #43498
• cargo-auditable-bootstrap cargo-auditable: patch lockfile #43498
• cargo-c cargo-c: update to 0.9.18. #43484
• cargo-license cargo-license: generate missing lockfile #43493
• geckodriver
• leftwm
• mandown mandown: generate missing lockfile #43483
• ntdsextract2
• openpgp-ca
• openpgp-card-tools
• riff riff: fix build failure from --locked #43477
• rsClock
• sandboxfs
• stdm
• wezterm

cc @jcgruenhage

[tranzystorekk]

mandown: #43483

[tranzystorekk]

cargo-license: #43493

[icp1994]

Maybe we can do a cleanup by adding a do_configure to the cargo build style.

do_configure() {
     cargo fetch --target ${RUST_TARGET} ${configure_args}
}

From the docs of cargo-fetch

If a Cargo.lock file is available, this command will ensure that all of the git dependencies and/or registry dependencies are downloaded and locally available. Subsequent Cargo commands will be able to run offline after a cargo fetch unless the lock file changes.

If the lock file is not available, then this command will generate the lock file before fetching the dependencies.

[tranzystorekk]

This would defeat the point of the lockfile PR, which AFAIU was to make the packages that have lockfile problems more prominent.

[icp1994]

Oh, okay. I thought we are just (re-)generating the lockfile anyway - fex, bandwhich.

[jcgruenhage]

I'd like to rename this issue: In some of these cases, the Cargo.lock file is present, but not up to date. In the case of cargo-auditable` for example, it's just a tiny issue around the version number of itself:

diff --git a/Cargo.lock2 b/Cargo.lock
index 00969c9e1c..5caabbda1c 100644
--- a/Cargo.lock2
+++ b/Cargo.lock
@@ -72,7 +72,7 @@ dependencies = [
 
 [[package]]
 name = "cargo-auditable"
-version = "0.6.0"
+version = "0.6.1"
 dependencies = [
  "auditable-info",
  "auditable-serde",

cargo-auditable: #43498