[Ignore this] Implement min-rust-version support (in cargo build, resolver support).
#7801
Conversation
Manifest gets min-rust-version key, resolver ignores the packages (summaries) with min-rust-version below the current one, error messages tell what went wrong.
|
(rust_highfive has picked a reviewer for you, use r? to override) |
rust-highfive
added
the
S-waiting-on-review
moxian
changed the title
cargo build).
moxian
changed the title
cargo build).cargo build).
|
Thanks for the PR! It looks like there's a lot of changes here related to the resolver, but I think that the RFC was initially accepted with this explicitly as future work? Although have I perhaps missed discussion in the meantime? |
|
Does "explicitly as future work" mean this needs to go through RFC first? As mentioned in my original comment, I believe it would be actively harmful to have compilation fail on MSRV mismatch, while not having resolver fall back to some other package that passes said check. Would you suggest starting from the other end, and getting MSRV information through |
|
This is a very thorny question to tackle and we spent quite some time debating it amongst the Cargo team, and our conclusion was that we wanted to go with something quite minimal for now which leaves us room to become more ambitious in the future. I'm personally under the impression that's the pretense in which the RFC was accepted, and I would personally have some more objections, for example, to integrate it more deeply into Cargo at this time without having some more dicussion. |
|
This is fair. I guess this topic is a bit more controversial than I assumed it be. |
moxian
changed the title
cargo build).cargo build, resolver support).
Implement support for rust-version field in project metadata Needs a bunch more work, but I'd like some early feedback! Remaining work: - [x] Bikeshedding name (picked `rust-version` here over `msrv` or `min-rust-version`) - [x] Failing test for local dependency with unsatisfied MSRV - [x] Requirement cannot be smaller than 1.27 - [x] Requirement cannot be smaller than initial release of edition used - [x] Check for `run`, `verify` and `publish` subcommands - [x] More tests (would love feedback on this) - [x] Handle pre-release identifiers - [x] Disallow semver range operators - [x] Feature gate it - [x] Add documentation for unstable feature Minimal version of `@moxian's` earlier take in #7801. cc rust-lang/rust#65262
This implements RFC 2495 (rust-lang/rfcs#2495)
cc tracking issue rust-lang/rust#65262
Manifest and crate index get min-rust-version key,
Resolver ignores the packages (summaries) with min-rust-version below the current one.
Error messages tell what went wrong.
Several important details:
On naming
I strongly believe that calling the manifest field
rustis way too ambiguous, and calling itmsrvis way too cryptic.Hence,
min-rust-versionas the name. It's the same amount of characters as dev_dependencies. There's no need to try and shorten it.On unmatched version behavior
I strongly believe that it's fundamentally wrong to implement RFC as written.
Specifically, RFC says
Consider the following situation: I have a package
foothat depends on packagebar = "^1.0".barversion1.0.0builds on rustc1.45.0. Nowbarowners decide to release new semver-compatiblebarversion1.1.0, utilizing features from newly released rustc-1.72.0, and properly tag it withmin-rust-version = 1.72. Now, when attempting to build myfoocrate, cargo hard-fails, since it tries to select latest availablebarversion, finds1.1.0and failsmin-rust-versioncheck.I'm assuming this suggestion was provide in the RFC only as way to minimize the amount of work for the original implementation, and make it more attractive to implementors.
So, I'm choosing to ignore this particular part of RFC, and replace it its "Future work" section of "Influencing version resolution".
With this PR, cargo selects the highest dependency version of those that pass
min-rust-versioncheck.This is the reason why the MSRV requirements need to be stored in the crate index.
On nightly
Both the RFC and the tracking issue are thinking of ways to specify required nightly release into the mix.
I believe that this is a wrong approach, for several reasons:
requires-nightly = truefield in the manifest, but this should not be bundled withmin-rust-versionand the following is several different ways to say "just update your nightly, duh":
1.40.0) is extremely likely to succeed. Having 6-months old nightly toolchains installed is weird.So I did not implement any of this, and instead added a warning to users trying to write
min-rust-version = "1.41.0-nightly"On version comparison
Tracking issue has discussion on whether the
min-rust-versionspecification should allow semver operators (e.g. "^1.2.3" vs ">=1.2.0" vs...) alluding to the fact that it would probably easy to implement.Well, it turned that plain
>=comparison is much easier to implement (read: code is very slightly more performant, and/or very slightly more easy to follow) than the semver one, so that's what I implemented for now.I agree that semver comparison (
"^") would probably be better, and can be convinced to change the code to use that instead.I don't agree that user should be able to specify custom version comparison (
=)On deployment
I couldn't think of a way to deploy this better than just commiting this without any stabilization shenanigans.
Introducing a
--honor-min-rust-versionflag is weird, since it would only be enable on nightlies, which are almost by definition newer than any package out there. I agree that escape-hatch flag of "please disable min-rust-version check" is needed, but see below.For this feature to fully work, the publishing side, and crates-io index generation would need to be updated. I haven't done any work on that yet, but it should be relatively straightforward.
On backwards compatibility
Old cargo version would ignore
min_rust_versionfield both in the index and in the manifest.For simplicity's sake this means that the version of the package that introduces
min-rust-versionfield should be treated as breaking change (provided package owners consider MSRV bump a breaking change), and all subsequent ones to be treated as normal.(More specifically: Provided package owners treat MSRV bump as breaking change: Addition of
min-rust-versionby itself is not a breaking change, but the first actual MSRV bump after and including themin-rust-version-introducting package is still breaking. The subsequent ones aren't).I believe this should be worded more nicely than I am capable of, and put into docs.. somewhere..
On crate index format
Cargo crate index serves a lot of packages, and it seems that we try to optimize it as much as we can. Right now this PR adds a new
min_rust_versionkey to the JSON. I wonder if maybe I should shrink it here tomsrvinstead? I'm not sure it would net enough benefit to be worth it though.Future work
cargo publishI think that's all the controversial parts.
I would appreciate input on:
--ignore-min-rust-version, but that feels too long for a flag (it would fine as a config option though)--assume-rust-version 1.72.2instead of plain skipping the check? But then how does one express "no, just skip the check completely" with that?