On Wed, Oct 18, 2023 at 02:06:48PM +0300, Adrian Bunk wrote: > Package: librust-env-logger-0.7+default-dev > Severity: serious > > https://buildd.debian.org/status/fetch.php?pkg=mdevctl&arch=arm64&ver=1.2.0-4%2Bb3&stamp=1697626199&raw=0 > > ... > Merged Build-Depends: ..., librust-env-logger+default-dev, > ... > The following NEW packages will be installed: > ... > librust-env-logger-0.7+default-dev librust-env-logger-0.7-dev > ... > error: failed to select a version for the requirement `env_logger = "^0.10.0"` > ... > > > This is due to: > librust-env-logger+default-dev reverse Provides: > librust-env-logger-0.7+default-dev 0.7.1-4 (= 0.7.1-4) > librust-env-logger-dev 0.10.0-2 (= 0.10.0-2) > > > I'll file a separate bug for mdevctl having a too loose build dependency.
I am not sure why it shouldn't? librust-env-logger-0.7-dev does contain env_logger source code after all the expectation is that any rdep that requires a certain version (according to the semantic versioning rules employed by almost the entire rust ecosystem) would encode that information in the Debian package relationship (either by adding a version constraint, or depending on the virtual or real package encoding the appropriate version prefix in the package name/provides, or both). by virtue of those rules, depending on just librust-env-logger+default-dev without a version constraint says "I want env_logger with the default feature(s), but don't care about the version" - which in almost all cases isn't sensible. there's ongoing work on providing a command in debcargo that allows rdeps that don't use debcargo for the full packaging (e.g., because they are a rust component of a bigger project) to translate Cargo.toml into corresponding, version-constraint-preserving Debian package relationship stanzas: https://salsa.debian.org/rust-team/debcargo/-/merge_requests/49
signature.asc
Description: PGP signature