Lars was already CC'ed about this, but for what it's worth, I have a PR in progress for Cargo that would warn the user if multiple versions of the same package are used whenever the lock file changes: https://github.com/rust-lang/cargo/pull/2753 . There's some discussion right now about whether it should be included or not.
On Thursday, June 23, 2016 at 10:18:02 AM UTC-7, Michael Howell wrote: > It's in tidy. > https://github.com/servo/servo/blob/master/python/tidy/servo_tidy/tidy.py#L287 > > On Thu, Jun 23, 2016 at 10:16 AM Manish Goregaokar <manishsm...@gmail.com> > wrote: > > > I think it is in tidy > > > > dev-servo@lists.mozilla.org wrote: > > > I thought we had CI checks for duplicate packages, but it seems that > > > is not the case? Or at least I did not seem them in .etc/ci. I can't > > > even find an issue for it now :( > > > > > > In any case, I think this can be automated by CI to catch the problem. > > > In general this is allowed by Cargo but we probably only want it when > > > it is needed and should avoid it otherwise. > > > > > > jack. > > > > > > On Thu, Jun 23, 2016 at 10:51 AM, Bobby Holley <bobbyhol...@gmail.com> > > wrote: > > >> And what about the case of major version bumps? Presumably we want to > > crawl > > >> the Cargo.toml files in that case? And again, will it be obvious that > > needs > > >> to happen from the Cargo.lock diff? > > >> > > >> On Thu, Jun 23, 2016 at 9:32 AM, Manish Goregaokar < > > manishsm...@gmail.com> > > >> wrote: > > >>> We rarely use ranges, just a minimum version, and aside from major > > version > > >>> differences cargo just picks the max. > > >>> > > >>> dev-servo@lists.mozilla.org wrote: > > >>>> Is there a risk that non-overlapping version ranges in dependent > > >>> > > >>> Cargo.toml > > >> > > >>>> files will cause multiple versions of the package to be imported? Or > > >>> > > >>> would > > >> > > >>>> that be obvious when looking at the Cargo.lock diff? > > >>>> > > >>>> On Thu, Jun 23, 2016 at 7:17 AM, Josh Matthews <j...@joshmatthews.net > > > > > >>> > > >>> wrote: > > >>>>> https://github.com/servo/servo/pull/11824 relies on upgrading hyper > > to > > >>>> > > >>> a > > >> > > >>>>> more recent version. As far as I recall, for servo/servo we have only > > >>>> > > >>> ever > > >> > > >>>>> asked people to upgrade the package version via `./mach > > cargo-update`; > > >>>> > > >>> we > > >> > > >>>>> haven't required (or even asked for) modifying all of our many TOML > > >>>> > > >>> files > > >> > > >>>>> to match the new version. This makes sense to me, since we have our > > >>>>> Cargo.lock checked into the repository so there's no chance that a > > >>>>> contributor could end up using an old version of a package. > > >>>> > > >>> Additionally, > > >> > > >>>>> we have so many TOML files that I feel it's unreasonable to ask > > people > > >>>> > > >>> to > > >> > > >>>>> make those changes unnecessarily. > > >>>>> > > >>>>> I'd like to make a policy to either always require the changes or > > never > > >>>> > > >>> do > > >> > > >>>>> so, rather than imposing a burden on some contributors depending on > > who > > >>>>> reviews their PR. > > >>>>> > > >>>>> Cheers, > > >>>>> Josh > > >>>>> _______________________________________________ > > >>>>> dev-servo mailing list > > >>>>> dev-servo@lists.mozilla.org > > >>>>> https://lists.mozilla.org/listinfo/dev-servo > > >>>> > > >>> _______________________________________________ > > >>> dev-servo mailing list > > >>> dev-servo@lists.mozilla.org > > >>> https://lists.mozilla.org/listinfo/dev-servo > > >> > > >> _______________________________________________ > > >> dev-servo mailing list > > >> dev-servo@lists.mozilla.org > > >> https://lists.mozilla.org/listinfo/dev-servo > > _______________________________________________ > > dev-servo mailing list > > dev-servo@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-servo > > _______________________________________________ dev-servo mailing list dev-servo@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-servo
