Some of our dependencies on crates on crates.io are declared in Cargo.toml files like this:

[dependencies]
foo = "*"

To be honest, I’m not sure why. With such a declaration, `cargo update` will happily update the foo library to its latest version, whatever it is.

There’s a number of things we can write instead of "*" (documented in http://doc.crates.io/crates-io.html ), but another way looks like this:

[dependencies]
bar = "0.1.3"

This looks like we’re specifying a dependency on one precise version, but we’re not. "0.1.3" is equivalent to "^0.1.3" which means anything that is compatible with 0.1.3 per Semantic Versioning, namely ">=0.1.3 <0.2".

If we follow Semantic Versioning and increment the first non-zero component of the version number for breaking changes and another component for backward-compatible changes, and also use this kind of dependency declaration, then `cargo update` will pick up any new versions that are compatible, but none with breaking changes.

I think we should do this.

(Breaking changes would most likely require changing some source code, so changing the dependency declaration at the same time isn’t too much of a bother.)

--
Simon Sapin
_______________________________________________
dev-servo mailing list
dev-servo@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-servo
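
The difference between "*" and a bare "0.1.3" described in the message above, as an added example that is not part of the original post and is not Cargo's own code. It models only full three-part versions (no pre-release tags, no partial requirements such as "1.2"); the published version list is constructed for illustration.

```rust
// Added example: a minimal model of how Cargo reads "*" and a bare "x.y.z"
// requirement. Only full three-part versions are handled; pre-release tags
// and partial requirements such as "1.2" are out of scope.

type Version = (u64, u64, u64);

fn parse(v: &str) -> Option<Version> {
    let mut it = v.trim().split('.').map(|p| p.parse::<u64>().ok());
    let parsed = (it.next()??, it.next()??, it.next()??);
    // Reject trailing components such as "1.2.3.4".
    if it.next().is_some() { None } else { Some(parsed) }
}

/// Exclusive upper bound of a caret requirement: bump the first non-zero
/// component and zero everything after it.
fn caret_upper(base: Version) -> Version {
    match base {
        (0, 0, p) => (0, 0, p + 1),
        (0, m, _) => (0, m + 1, 0),
        (maj, _, _) => (maj + 1, 0, 0),
    }
}

/// Does `candidate` satisfy `req`, where `req` is "*", "x.y.z" or "^x.y.z"?
fn matches(req: &str, candidate: &str) -> Option<bool> {
    let cand = parse(candidate)?;
    if req.trim() == "*" {
        return Some(true); // wildcard: every published version is acceptable
    }
    let base = parse(req.trim().trim_start_matches('^'))?;
    Some(cand >= base && cand < caret_upper(base))
}

fn main() {
    // Constructed version list for hypothetical crates `foo` and `bar`.
    let published = ["0.1.2", "0.1.3", "0.1.9", "0.2.0", "1.0.0"];
    for req in ["*", "0.1.3", "1.0.0"] {
        let ok: Vec<&str> = published
            .iter()
            .copied()
            .filter(|v| matches(req, v) == Some(true))
            .collect();
        println!("{:>6} accepts {:?}", req, ok);
    }
}
```

With "*" every listed version is accepted, including the semver-incompatible 0.2.0 and 1.0.0; with "0.1.3" only 0.1.3 and 0.1.9 are.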