-
Notifications
You must be signed in to change notification settings - Fork 999
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use libp2p 0.49.0 plus libp2p-swarm-derive while publishing a library #3176
Comments
Even if the entry uses Can we yank |
Yes, the Cargo.toml of $ wget -O libp2p-0.49.0.tar.gz https://crates.io/api/v1/crates/libp2p/0.49.0/download
$ tar -zxf libp2p-0.49.0.tar.gz
$ grep -A 1 "libp2p-swarm-derive" libp2p-0.49.0/Cargo.toml
[dependencies.libp2p-swarm-derive]
version = "0.30.1"
|
Your manifest doesn't have the exact version. What you specified is actually a version range. "0.30.1" is equivalent to "^0.30.1" for cargo and means "any compatible version from '0.30.1' upwards", hence also every patch version. To pin a version you need to use [dependencies.libp2p-swarm-derive]
version = "=0.30.1" Nevertheless, you are right that the version bump was incorrect. #3011 was actually a breaking change because it requires
We should yank it yes. Ideally, we also publish a |
My bad! Thanks @joao-paulo-parity for reporting this. See #3178 as a first step. |
I didn't know this. Thanks for the explanatoin. Using |
Why would that be needed @thomaseizinger? I would hope that those that tried to update their |
I can confirm that the problem is fixed after |
It is not strictly needed, yes. It is possible to depend on a yanked version by using either It is highly unlikely in our case I think so we don't need to do it :) |
Closing here. Thanks to everyone involved, especially @joao-paulo-parity. |
Summary
When trying to publish a library which uses
libp2p 0.49.0
andlibp2p-swarm-derive
, Cargo will picklibp2p-swarm-derive 0.30.2
, which is incompatible withlibp2p 0.49.0
.It should instead pickEDIT: Not actually true, see #3176 (comment).libp2p-swarm-derive 0.30.1
, but it doesn't do that even though the version is set to0.31.0
in theCargo.toml
oflibp2p 0.49.0
.The problem's description is expanded in the README of https://github.com/joao-paulo-parity/libp2p-troubleshoot. That repository contains an example project and sample commands that you can run to reproduce this problem.
Expected behaviour
I should be able to publish a library which uses
libp2p 0.49.0
andlibp2p-swarm-derive
Actual behaviour
I'm unable to achieve the expected behaviour
Possible Solution
The crux of the problem is that
cargo
pickslibp2p-swarm-derive 0.30.2
instead oflibp2p-swarm-derive 0.30.1
, even though the latter is set in theCargo.toml
oflibp2p 0.49.0
. Therefore the solutions entail somehow makingcargo
resolve0.30.1
forlibp2p 0.49.0
.Option 1: Perhaps (i.e. I haven't actually verified this)
cargo
thinks that it's fine to uselibp2p-swarm-derive 0.30.2
because it's a patch bump from0.30.1
, i.e. theoretically semver-compatible withlibp2p 0.49.0
. Thus if we were to turn the currentlibp2p-swarm-derive 0.30.2
release into0.31.0
and yank0.30.2
, that would maybe causecargo
to choose0.30.1
, which would effectively solve the problem.Option 2: A workaround would be to include an
[[example]]
within the library to be published. That would causecargo
to not ignore theCargo.lock
and therefore make it correctly picklibp2p-swarm-derive 0.30.1
during publish. This is mentioned in https://doc.rust-lang.org/cargo/reference/manifest.html:While that would fix the version resolution during publish, I'm still unsure if it would be effective during consumption of the library. I might test this later and report it back here.
I think Option 1 would be preferrable, but as already mentioned I don't know yet if it would work in practice. I might also try this out later.
The text was updated successfully, but these errors were encountered: