Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inconsistent Cargo.lock generation with overlapping version ranges #14613

Open
x-hgg-x opened this issue Sep 29, 2024 · 2 comments
Open

Inconsistent Cargo.lock generation with overlapping version ranges #14613

x-hgg-x opened this issue Sep 29, 2024 · 2 comments
Labels
A-dependency-resolution Area: dependency resolution and the resolver C-bug Category: bug S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.

Comments

@x-hgg-x
Copy link
Contributor

x-hgg-x commented Sep 29, 2024

Steps

  1. Create a package with the following Cargo.toml:
[package]
name = "a"
version = "0.1.0"
edition = "2021"

[dependencies]
ic-stable-structures = ">=0.1, <0.6"

[build-dependencies]
ic-stable-structures = ">=0.2, <0.5"

[dev-dependencies]
ic-stable-structures = "0.3"
  1. Run cargo fetch then cargo generate-lockfile

Generated Cargo.lock:

# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 3

[[package]]
name = "a"
version = "0.1.0"
dependencies = [
 "ic-stable-structures 0.3.0",
 "ic-stable-structures 0.4.1",
 "ic-stable-structures 0.5.6",
 "libc",
]

[[package]]
name = "ic-stable-structures"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cf57a7a43948acb3bc11572533f57e52f60cbbf33d7c699678ac9d1a9307537"

[[package]]
name = "ic-stable-structures"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77002de282a2042e50e345d17ff8a4b8a396bc6b4033aeb0dee1b7d519a80630"

[[package]]
name = "ic-stable-structures"
version = "0.5.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "95dce29e3ceb0e6da3e78b305d95365530f2efd2146ca18590c0ef3aa6038568"
  1. Run cargo generate-lockfile --offline (or cargo tree)

Generated Cargo.lock:

# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 3

[[package]]
name = "a"
version = "0.1.0"
dependencies = [
 "ic-stable-structures",
 "libc",
]

[[package]]
name = "ic-stable-structures"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cf57a7a43948acb3bc11572533f57e52f60cbbf33d7c699678ac9d1a9307537"
  1. Run cargo generate-lockfile

Same as §2.

  1. Run cargo generate-lockfile --offline

Same as §3.

  1. Delete Cargo.lock and run cargo generate-lockfile --offline

Same as §3.

  1. Delete Cargo.lock and run cargo tree

Same as §2.

Version

cargo 1.83.0-nightly (80d82ca22 2024-09-27)
release: 1.83.0-nightly
commit-hash: 80d82ca22abbee5fb7b51fa1abeb1ae34e99e88a
commit-date: 2024-09-27
host: x86_64-unknown-linux-gnu
libgit2: 1.8.1 (sys:0.19.0 vendored)
libcurl: 8.9.0-DEV (sys:0.4.74+curl-8.9.0 vendored ssl:OpenSSL/1.1.1w)
ssl: OpenSSL 1.1.1w  11 Sep 2023
os: Linux Mint 22.0.0 (wilma) [64-bit]
@x-hgg-x x-hgg-x added C-bug Category: bug S-triage Status: This issue is waiting on initial triage. labels Sep 29, 2024
@ehuss ehuss changed the title Running cargo tree can update the Cargo.lock file, even after running cargo update Inconsistent Cargo.lock generation with overlapping version ranges Sep 29, 2024
@ehuss
Copy link
Contributor

ehuss commented Sep 29, 2024

Thanks for the report! This is unrelated to cargo tree or the version resolver. The dependency resolver seems to only use one version, but only after the dependencies are locked.

@ehuss ehuss added A-dependency-resolution Area: dependency resolution and the resolver S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted. and removed S-triage Status: This issue is waiting on initial triage. labels Sep 29, 2024
@Eh2406
Copy link
Contributor

Eh2406 commented Sep 30, 2024

I had to run a fetch before I could get the problem to reproduce. Another symptom of this problem is that cargo generate-lockfile && cargo check --locked returns an error.

My instinct is that this feels like #5529 / #14115 / #14446 , but maybe not because #14582 (nor removing that heuristic) helped with the problem. This generally has the feeling of src/cargo/core/registry.rs is encoding the problem differently depending on whether there's a lock file, but that is just a feeling.

Getting trace logs from the runs with the different behavior seems like the next investigation step.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-dependency-resolution Area: dependency resolution and the resolver C-bug Category: bug S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.
Projects
None yet
Development

No branches or pull requests

3 participants