Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fails to find outdated workspace dependencies #360

Open
e00E opened this issue Jul 6, 2023 · 1 comment
Open

Fails to find outdated workspace dependencies #360

e00E opened this issue Jul 6, 2023 · 1 comment

Comments

@e00E
Copy link

e00E commented Jul 6, 2023 

./crates/foo/src/lib.rs

./crates/foo/Cargo.toml
[package]
name = "foo"
version = "0.1.0"
edition = "2021"

[dependencies]
slab = { workspace = true }

./Cargo.toml
[workspace]
members = ["crates/*"]

[workspace.dependencies]
slab = "0.3"

The current version of slab is 0.4. cargo outdated is mistaken that all dependencies are up to date. If I move slab from a workspace dependency to a traditional dependency, then cargo outdated does find it as outdated.
dburgener added a commit to dburgener/lalrpop that referenced this issue Oct 18, 2023
@dburgener
Update regex-syntax and regex-automata across breaking change
be74ec0 
Changelog here: https://github.com/rust-lang/regex/blob/master/CHANGELOG.md#1100-2023-10-09

The gist is that regex added support for new word-boundary matching
characters, which required changes in the regex_syntax and
regex_automata APIs.  Those changes aren't breaking in our use case.

In order to stay on the latest fixes and also unify with regex (which we
also depend on directly and itself depends on syntax 0.8 and automata
0.4), bump to the newest semver series.

"cargo outdated" doesn't detect these due to this bug:
kbknapp/cargo-outdated#360

I just happened to notice them while checking "cargo tree" on another
issue.  We should try to keep a casual eye on our workspace dependencies
going forward.
@dburgener dburgener mentioned this issue Oct 18, 2023
Merged
github-merge-queue bot pushed a commit to lalrpop/lalrpop that referenced this issue Oct 20, 2023
@dburgener
Update regex-syntax and regex-automata across breaking change (#846)
bc6d46c 
Changelog here: https://github.com/rust-lang/regex/blob/master/CHANGELOG.md#1100-2023-10-09

The gist is that regex added support for new word-boundary matching
characters, which required changes in the regex_syntax and
regex_automata APIs.  Those changes aren't breaking in our use case.

In order to stay on the latest fixes and also unify with regex (which we
also depend on directly and itself depends on syntax 0.8 and automata
0.4), bump to the newest semver series.

"cargo outdated" doesn't detect these due to this bug:
kbknapp/cargo-outdated#360

I just happened to notice them while checking "cargo tree" on another
issue.  We should try to keep a casual eye on our workspace dependencies
going forward.
@willbuckner
Copy link

I'm seeing the same thing on all of my workspace projects. I have, for example, reqwest pinned at ~0.11 in my Cargo.toml under [workspace.dependencies] in the root, and absolutely no combination of flags I've tried identifies that its out of date.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@willbuckner @e00E