Skip to content

[Feature Request] Overwrite The Version of a Dependency's Dependency #13625

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Embers-of-the-Fire opened this issue Mar 22, 2024 · 5 comments
Closed

[Feature Request] Overwrite The Version of a Dependency's Dependency #13625

Embers-of-the-Fire opened this issue Mar 22, 2024 · 5 comments
Labels
A-dependency-resolution Area: dependency resolution and the resolver C-feature-request Category: proposal for a feature. Before PR, ping rust-lang/cargo if this is not `Feature accepted` S-needs-info Status: Needs more info, such as a reproduction or more background for a feature request.

Comments

@Embers-of-the-Fire
Copy link

Problem

This feature proposal is intended to allow setting the version of a dependency of a dependency.

Consider the following dependency graph:

  • main
    • DepA v0.1.0
      • DepB v0.2.0
    • DepB v0.2.1

Currently, Cargo compiles two copies of the DepB crate, but in many real-world scenarios, we don't need to emphasize that the two use different versions. Thus, allowing overwriting of the version of a secondary dependency could theoretically be an effective way to save on compilation footprint; at the same time, since this behavior is done proactively, there are theoretically no unexpected serious bugs - after all, you can always drop this feature.
For an example in practice, imagine a library that provides some predefined data structures. Typically, these libraries implement the optional serde::Ser/Deserialize for their own data structures, which means that these libraries all need to include a serde. While differences in patches are handled by cargo, some minors or even majors that don't affect the implementation are not optimized.

Proposed Solution

Continue to follow the dependency diagram above. The syntax I envision is:

[dependencies]
DepB = "0.2.1"

[dependencies.DepA]
version = "0.1.0"
override-dep = { DepB = "0.2.1" }

This should be expressed as the following dependency:

  • main
    • DepA v0.1.0
      • DepB v0.2.1 Reusing v0.2.1's DepB here.
    • DepB v0.2.1

Notes

All actual syntax and keywords are for demonstration purposes only. The FEATURE REQUEST simply raises the need for this feature. If this request is accepted, the proposer can participate in the implementation.
@Embers-of-the-Fire Embers-of-the-Fire added C-feature-request Category: proposal for a feature. Before PR, ping rust-lang/cargo if this is not `Feature accepted` S-triage Status: This issue is waiting on initial triage. labels Mar 22, 2024
@weihanglo
Copy link
Member

Consider the following dependency graph:

* main
  
  * DepA v0.1.0
    
    * DepB v0.2.0
  * DepB v0.2.1

Currently, Cargo compiles two copies of the DepB crate

Not for this example. Cargo will either resolves DepB to one SemVer compatible version, or error out, depending on the exact version requirements. This behavior is documented in this paragraph. You can also use the [patch] table to patch DepA if they have a unnecessary restricted version requirement.

It's hard to tell what the problem is upon a non-complete example. Do you mind sharing more details for the version requirements used there?

@weihanglo weihanglo added A-dependency-resolution Area: dependency resolution and the resolver S-needs-info Status: Needs more info, such as a reproduction or more background for a feature request. and removed S-triage Status: This issue is waiting on initial triage. labels Mar 22, 2024
@weihanglo
Copy link
Member

You might be interested in this issue #5640, and this might be a duplicate of that?

@Embers-of-the-Fire
Copy link
Author

Not for this example. Cargo will either resolves DepB to one SemVer compatible version, or error out, depending on the exact version requirements. This behavior is documented in this paragraph. You can also use the [patch] table to patch DepA if they have a unnecessary restricted version requirement.

Sorry, I may not have expressed myself clearly. Currently Cargo is able to correct for patch differences. But there are times when minor or even major versions don't cause problems with the library, which is not semver safe behaviour, but I think some room for optimisation can be given with explicit user specification.

@Embers-of-the-Fire
Copy link
Author

You might be interested in this issue #5640, and this might be a duplicate of that?

Haven't had time to read this issue carefully, if it is a duplicate then you can close my issue.

@weihanglo
Copy link
Member

there are times when minor or even major versions don't cause problems with the library

Then it is #5640. Thanks for the report. Close in favor of #5640.

@weihanglo weihanglo closed this as not planned Won't fix, can't repro, duplicate, stale Mar 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-dependency-resolution Area: dependency resolution and the resolver C-feature-request Category: proposal for a feature. Before PR, ping rust-lang/cargo if this is not `Feature accepted` S-needs-info Status: Needs more info, such as a reproduction or more background for a feature request.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@weihanglo @Embers-of-the-Fire