Cargo rand compilation errors

[rida914-4]

Hi,

This is a general cargo question as a beginner.

I have a rust code which uses rand so i add rand="0.4.3" as a dependency. Idk why when the registry updates randv0.5.5(latest) is automatically downloaded and it also runs into "break loop" error which was stabilized a while ago. I am not sure how to suppress this error or make it not install the latest version.

Cargo.toml
[package]
name = "hello-world"
version = "0.0.0"
authors = [""]

[dependencies]
time = ">=0.1.0"
rand = "0.4.3"
rustc-serialize = "0.3"
histogram = "*"

I get this error. The repository is not cloned locally so i cannot apply the patch rust-lang/rust#37339.

Compiling rand v0.5.5
error: break with a value is experimental (see issue #37339)
--> /root/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.5.5/src/distributions/uniform.rs:674:25
|
674 | break d;
| ^^^^^^^
|
= help: add #![feature(loop_break_value)] to the crate attributes to enable

error: pub(restricted) syntax is experimental (see issue #32409)
--> /root/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.5.5/src/distributions/float.rs:71:5
|
71 | pub(crate) trait IntoFloat {
| ^^^^^
|
= help: add #![feature(pub_restricted)] to the crate attributes to enable

error: pub(restricted) syntax is experimental (see issue #32409)
--> /root/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.5.5/src/rngs/mod.rs:174:27
|
174 | #[cfg(feature="std")] pub(crate) mod thread;
| ^^^^^
|
= help: add #![feature(pub_restricted)] to the crate attributes to enable

error: aborting due to 3 previous errors

error: Could not compile rand.

What am i doing wrong? What is the right way to go about it?

[ehuss]

Hi @rida914-4. I'm not able to reproduce getting rand 0.5 with the example you posted. Can you post a copy of your Cargo.lock file? Also, which version of cargo are you using?

[rida914-4]

cargo 0.19.0-nightly (c995e9e 2017-03-17)
I am supposed to use this old version. that is why i am trying to force cargo to not install the latest rand version.

I have attached the lock file. You will see mutiple versions of rand. 0.3.22 is the one i specified. and v0.5.5 and 0.4.3, it installs while updating the registry.

[rida914-4]

cargo.txt

[ehuss]

It looks like the twox-hash crate has a range specifier for the rand crate (">= 0.3.10, < 0.6"), and Cargo always picks the newest version available. It also looks like you might be able to use an earlier version. If you specify twox-hash = "=1.1.0" in your dependencies, it will pick the older version that only uses rand 0.4. Packages really shouldn't make breaking dependency changes like that for minor version bumps, but such is life. It looks like all the uses of twox-hash in your lock file are under your control, so hopefully that should help?

An alternative if you check your Cargo.lock into source is to downgrade it manually with a command like cargo update -p rand:0.5.5 --precise=0.4.3. However, that can be a pain when you need to update the lock file later.

Another option is to check out your own copy of twox-hash, modify its Cargo.toml to use the version of rand that you want, and then set up an override. See https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html for documentation on how to do that. However, that is a bit of a hassle.

Maybe someone else knows of a better way to override the dependency, but I'm not aware of any other methods.

[rida914-4]

Thanks for such a detailed answer. That was spot on. The issue is due to twox-hash.

I am trying to apply patch in the main Cargo.toml file. However, it is not working. is this how we override the dependencies and sub dependencies?

[patch.'rand 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)']
rand = { git = "https://github.com/rust-random/rand", rev = "7d09b3606811300741dc1a44ce6a27ea846e971c" }

is this how we patch?
or

[patch.crates-io]
rand = { git = "https://github.com/rust-random/rand", rev = "7d09b3606811300741dc1a44ce6a27ea846e971c" }

Both are not working.

[ehuss]

I don't think patching will affect dependencies of dependencies. If you want to use the patching approach, you'll need to clone the twox-hash crate and change its Cargo.toml to point to the version of rand that you want. Unfortunately it looks like [patch] was introduced in rust 1.21, so it won't work with your version. You can use the older [replace] method:

[dependencies]
twox-hash = "1.1.1"

[replace]
"twox-hash:1.1.1" = {path="twox-hash-1.1.1"}

Are you unable to change the dependency of twox-hash to 1.1.0?

[rida914-4]

I was able to resolve the error using the above method.

[alexcrichton]

Ok great! Sounds like this was sorted out, so I'm gonna close this.