Lock down some crate versions; update others semver compatibly #710
Conversation
|
Hm I'm generally quite anti- |
|
I think this is the problem, Cargo doesn't know that it needs to use serde_json 0.9 there, so postgres-shared is getting serde_json 1.0 while we're getting serde_json 0.9, causing compile issues. |
|
cc @sfackler (on previous comment), just to make sure you're aware, not sure you want to take any action though |
|
Ok after #711 let's just solve it here. @carols10cents my theory makes me think that we can get by locking just postgres-shared, or basically finding a version of postgres that doesn't have the wider range of deps on serde. Did you find that locking openssl/serde/etc were required as well? If not, could you back out the other locked versions here and just lock postgres-shared, and then place a comment above it as to why it's locked and when the lock can be removed? #711 should have an example of dealing with the OpenSSL change as well. You can also just |
carols10cents
force-pushed
the
put-crates-on-lockdown
branch
from
2dc7dd0 to
dfcdb98
Compare
|
@alexcrichton you're totally right, i just tried locking down the others first and that didn't work so I kept adding and didn't go back to remove. |
In order to be able to build successfully without the lockfile, which
happens when verifying with
cargo packagesince package never includesCargo.lock.If we don't constrain these crates' versions, they update to
incompatible versions of, most problematically, serde_json.
openssl has also deprecated the
finishmethod and changed some typesin a minor version bump. I don't feel like figuring it out right now so I'm locking it down too :P