Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cargo hack check --locked fails because lockfile needs to be updated #274

Closed
djc opened this issue Mar 24, 2025 · 2 comments
Closed

cargo hack check --locked fails because lockfile needs to be updated #274

djc opened this issue Mar 24, 2025 · 2 comments
Labels
C-question Category: A question

Comments

@djc
Copy link

djc commented Mar 24, 2025

In Quinn, I'd like to start versioning the lockfile due to an issue in a transitive dependency. As such, I want to use --locked in all of my CI jobs to make sure they use the locked dependency versions rather than any newer ones.

However, this yields a failure on our features job:

Run cargo hack check --locked --feature-powerset --optional-deps --clean-per-run --no-dev-deps --ignore-unknown-features --ignore-private --group-features runtime-async-std,async-io,async-std --group-features runtime-smol,async-io,smol --skip ""
info: --no-dev-deps modifies real `Cargo.toml` while cargo-hack is running and restores it when finished
info: skipped applying group `runtime-async-std,async-io,async-std` to quinn-proto
info: skipped applying group `runtime-smol,async-io,smol` to quinn-proto
info: skipped applying group `runtime-async-std,async-io,async-std` to quinn-udp
info: skipped applying group `runtime-smol,async-io,smol` to quinn-udp
info: skipped running on private package `bench`
info: skipped running on private package `perf`
info: skipped running on private package `fuzz`
    Updating crates.io index
error: the lock file /home/runner/work/quinn/quinn/Cargo.lock needs to be updated but --locked was passed to prevent this
If you want to try to generate the lock file without accessing the network, remove the --locked flag and use --offline instead.
error: process didn't exit successfully: `/home/runner/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/bin/cargo clean --locked --package quinn` (exit status: 101)

I think the suggestion to use --offline wouldn't work in this case (could still pick up a newer semver-compatible dependency?). Do you know why this happens/is this is essential or incidental?
@taiki-e
Copy link
Owner

taiki-e commented Mar 24, 2025
edited
Loading

Do you know why this happens/is this is essential or incidental?

See:

info: --no-dev-deps modifies real Cargo.toml while cargo-hack is running and restores it when finished

And see readme:

https://github.com/taiki-e/cargo-hack?tab=readme-ov-file#--no-dev-deps

Currently, using --no-dev-deps flag removes dev-dependencies from real manifest while cargo-hack is running and restores it when finished.

--no-dev-deps is a flag necessary to address some bugs in the Cargo and third-party cargo subcommands, but the changes to the manifest should trigger a request to change the lock file.

@taiki-e taiki-e added the C-question Category: A question label Mar 24, 2025
@djc djc closed this as not planned Won't fix, can't repro, duplicate, stale Mar 24, 2025
@djc
Copy link
Author

djc commented Mar 24, 2025

Okay, thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-question Category: A question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@djc @taiki-e