Set lower minimum dependencies in our Cargo.toml #904
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
These lower minimum versions were set by lowering the version constraints until either tests started failing or compilation failed. I've also changed dependabot to no longer update our Cargo.toml, although that will also result in dependabot no longer giving us notifications for any semver incompatible changes, but unfortunately the
increase-if-necessary
dependabot strategy is not supported for cargo. But if we are packaging into OSes then we should treat backwards incompatible upgrades with care anyway. Note that our lockfile still contains the latest versions, and we probably want to add a CI step that runs every once in a while to check that our minimum versions still compile and test correctly.