Cargo update -p <localcrate> in a workspace has inconsistent behaviors #12599
Labels
Comments
|
So exhibit 2 involves running I ran The sad case has a long list of that when only 1 exists in the happy case. |
|
It looks like our tracking of what should be ignored is order dependent, depending on whether the package with the changed version is seen first or not. |
epage
added a commit
to epage/cargo
that referenced
this issue
Aug 30, 2023
This address one of the problems mentioned in rust-lang#12599
|
@roblabla your Exhibit One reproduction cases have |
|
Correction, I'm assuming that difference is intended to showcase the difference in behavior. We have a check where we only avoid a path dependency if its changed. That "if" i what is causing the problem here. |
Yeah, the trigger.sh in the happy case changes the version in the manifest, while in the sad case it doesn't, which causes the unexpected difference in behavior. |
|
@Eh2406 for Exhibit One ( |
|
@roblabla seems like these problems are very different, even in reproduction steps (one being order dependent while the other one isn't). Please in the future create separate Issues so we can more easily track the individual conversations and progress. |
|
Alright. Reason they're together is that I actually discovered exhibit 2 while trying to reproduce exhibit 1 😅 |
epage
added a commit
to epage/cargo
that referenced
this issue
Aug 30, 2023
This address one of the problems mentioned in rust-lang#12599
epage
added a commit
to epage/cargo
that referenced
this issue
Aug 31, 2023
This address one of the problems mentioned in rust-lang#12599
epage
added a commit
to epage/cargo
that referenced
this issue
Aug 31, 2023
This addresses the ordering issue of for one of the problems from rust-lang#12599. The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned".
epage
added a commit
to epage/cargo
that referenced
this issue
Aug 31, 2023
This addresses the ordering issue of for one of the problems from rust-lang#12599. The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned". So we fix this by moving that call after all recursive adds are complete so as to not interfere with them.
|
@roblabla as an update, my change in #12602 was incorrect and it is now changed so you'll be seeing git updates in more cases. We still need to dig into if its possible to skip these git updates. They go through a bit of a different path to evaluate if we should update because we only allow one version in the dependency graph and we'll need to further evaluate what can and shouldn't be changed there. |
epage
added a commit
to epage/cargo
that referenced
this issue
Sep 1, 2023
This addresses the ordering issue of for one of the problems from rust-lang#12599. The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned". So we fix this by moving that call after all recursive adds are complete so as to not interfere with them.
epage
added a commit
to epage/cargo
that referenced
this issue
Sep 1, 2023
This addresses the ordering issue of for one of the problems from rust-lang#12599. The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned". So we fix this by moving that call after all recursive adds are complete so as to not interfere with them.
epage
added a commit
to epage/cargo
that referenced
this issue
Sep 1, 2023
This addresses the ordering issue of for one of the problems from rust-lang#12599. The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned". So we fix this by moving that call after all recursive adds are complete so as to not interfere with them.
bors
added a commit
that referenced
this issue
Sep 5, 2023
fix(resolver): Make resolver behavior independent of package order This address one of the problems mentioned in #12599 The intent behind the `path_pkg` check is to make sure we update workspace members in the lockfile if their version number changed. In this case, we don't need to recursively walk, because the change doesn't affect dependencies. However, we also shouldn't *prevent* recursive walks which is what we are doing today, both for packages marked to keep and for packages that have been "poisoned". So we fix this by moving that call after all recursive adds are complete so as to not interfere with them. This should not affect `Cargo.lock` at rest, so no upgrade compatibility concerns. This just allows more packages to be considered available to change which can prevent unclear failures. The main case I can think of that this does something "undesirable" is when wanting to prevent another "bug" from manifesting: the updating of git dependencies when updating workspace members (#12599). I think I'm ok with that as that needs to be looked into separately.
epage
added
Command-update
A-dependency-resolution
epage
added a commit
to epage/cargo
that referenced
this issue
Nov 14, 2023
Before, when running `cargo update <member>`, we'd not reuse the previous resolve result and when the resolver started walking into the dependencies, it would do a git fetch. Now, we won't even try to resolve the workspace members and so we won't look at those dependencies and do git fetch. This will make `cargo update <workspace-member>` match `cargo update --workspace`. I considered whether there were other ways of handling this but I figured aiming for consistency in approaches was the best way. We can investigate improving those approaches separately. There are other discrepancies in the different code paths (handling of patches, adding sources) but I'm deferring looking over those. Between this and rust-lang#12602, this should finnally resolve rust-lang#12599. Fixes rust-lang#12599
epage
added a commit
to epage/cargo
that referenced
this issue
Nov 14, 2023
Before, when running `cargo update <member>`, we'd not reuse the previous resolve result and when the resolver started walking into the dependencies, it would do a git fetch. Now, we won't even try to resolve the workspace members and so we won't look at those dependencies and do git fetch. This will make `cargo update <workspace-member>` match `cargo update --workspace`. I considered whether there were other ways of handling this but I figured aiming for consistency in approaches was the best way. We can investigate improving those approaches separately. There are other discrepancies in the different code paths (handling of patches, adding sources) but I'm deferring looking over those. Between this and rust-lang#12602, this should finnally resolve rust-lang#12599. Fixes rust-lang#12599
epage
added a commit
to epage/cargo
that referenced
this issue
Nov 17, 2023
Before, when running `cargo update <member>`, we'd not reuse the previous resolve result and when the resolver started walking into the dependencies, it would do a git fetch. Now, we won't even try to resolve the workspace members and so we won't look at those dependencies and do git fetch. This will make `cargo update <workspace-member>` match `cargo update --workspace`. I considered whether there were other ways of handling this but I figured aiming for consistency in approaches was the best way. We can investigate improving those approaches separately. There are other discrepancies in the different code paths (handling of patches, adding sources) but I'm deferring looking over those. Between this and rust-lang#12602, this should finnally resolve rust-lang#12599. Fixes rust-lang#12599
bors
added a commit
that referenced
this issue
Nov 18, 2023
fix(resolver): Don't do git fetches when updating workspace members ### What does this PR try to resolve? Before, when running `cargo update <member>`, we'd not reuse the previous resolve result and when the resolver started walking into the dependencies, it would do a git fetch. Now, we won't even try to resolve the workspace members and so we won't look at those dependencies and do git fetch. This will make `cargo update <workspace-member>` match `cargo update --workspace`. Fixes #12599 Fixes #8821 ### How should we test and review this PR? I considered whether there were other ways of handling this but I figured aiming for consistency in approaches was the best way. We can investigate improving those approaches separately. There are other discrepancies in the different code paths (handling of patches, adding sources) but I'm deferring looking over those. I added a test to demonstrate the `--workspace` behavior to use as a base line to compare with. ### Additional information Between this and #12602, this should finally resolve #12599.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Cargo's handling of
cargo update -p <cratename>is extremely inconsistent. Depending on how local crates are named or how up-to-date the Cargo.toml is compared to the Cargo.lock file, it will behave very differently with regards to git dependencies.I have created a repository explaining the problems I found @ https://github.com/roblabla/cargo-wtf-why-are-you-drunk/
In that repository, you'll find two examples of inconsistencies in the behavior of
cargo update -p:In the first one, we show that cargo seems to handle git dependencies differently depending on whether it's got "work" to do on local crates or not. In particular, in my local monorepo, if I bump the version of a local crate in Cargo.toml, then
cargo update -p <crate>will update the local lockfile to bump the versions ofcrateand nothing else. However, if I don't bump the version and run the samecargo update -p <crate>command, cargo will update the git dependencies.This discrepancy is especially frustrating, as it complicates our release process by making bumping the version more complicated.
In the second one, we show that whether or not cargo updates the git dependencies after bumping the version seem to depend on how your local crates in your workspace are named. This makes any call to
cargo update -p <crate>inherently fragile, as what it does will depend on how your dependencies are named.Possible Solutions
IMO,
cargo update -p <crate>should never update an unrelated git dependency, as it does not match what the user intended.Rust version:
rust 1.71.0 (8ede3aae2 2023-07-12)
The text was updated successfully, but these errors were encountered: