Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Path dependencies doesn't work with --locked/--frozen options #1442

Closed
messense opened this issue Jan 31, 2023 · 6 comments · Fixed by #1741
Closed

Path dependencies doesn't work with --locked/--frozen options #1442

messense opened this issue Jan 31, 2023 · 6 comments · Fixed by #1741
Labels
sdist Source distribution

Comments

@messense
Copy link
Member

messense commented Jan 31, 2023

Because maturin rewrites Cargo.toml when encountered path dependencies without syncing Cargo.lock, build from sdist with --locked or --frozen Cargo options fails with

      Updating crates.io index
       Running `git fetch --force --update-head-ok 'https://github.com/rust-lang/crates.io-index' '+HEAD:refs/remotes/origin/HEAD'`
  error: the lock file /home/conda/feedstock_root/build_artifacts/maturin_1675149830257/work/Cargo.lock needs to be updated but --locked was passed to prevent this
  If you want to try to generate the lock file without accessing the network, remove the --locked flag and use --offline instead.
  error: `cargo build --manifest-path Cargo.toml --message-format=json-render-diagnostics --target x86_64-unknown-linux-gnu --release -v --locked` failed with code 101

See #1441.

There are no easy ways to sync Cargo.lock, I think we should explore better ways for bundling path dependencies in sdist, avoid rewriting Cargo.toml.

@messense messense added the sdist Source distribution label Jan 31, 2023
@konstin
Copy link
Member

konstin commented Jan 31, 2023

this is most likely low-priority for them, but an option to export a transformed Cargo.toml/Cargo.lock for downstream tooling to consume would also be something i think we could ask as a new cargo feature

@messense
Copy link
Member Author

There is cargo generate-lockfile, but it's too aggressive for our use case.

This command will create the Cargo.lock lockfile for the current package or workspace. If the lockfile already exists, it will be rebuilt with the latest available version of every package.

@konstin
Copy link
Member

konstin commented Jan 31, 2023

I thought of this more as a generalization of cargo package, which e.g. already creates a Cargo.toml.orig and a modified Cargo.toml. Imaging something like cargo package --no-verify --allow-dirty --no-dev --list=json which then tells you something like

{
  "Cargo.toml": "target/package/files/Cargo.toml",
  "Cargo.toml.orig": "target/package/files/Cargo.toml.orig",
  "Cargo.lock": "target/package/files/Cargo.lock",
  "src/lib.rs": "src/lib.rs",
  "src/macros.rs": "src/macros.rs",
  "src/marker.rs": "src/marker.rs"
}

Where target/package/files/Cargo.toml contains only the the main and build deps but not the dev deps

@messense
Copy link
Member Author

Yeah, that'd be great, should also resolve #1431.

@messense
Copy link
Member Author

There are no easy ways to sync Cargo.lock

Looks like cargo update -p <root package name> can be used for this.

@messense
Copy link
Member Author

messense commented Feb 1, 2023

rust-lang/cargo#11666

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
sdist Source distribution
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants