I think I read about it two years ago, but currently I can not remember at least two points.

First is about using latest Git revisions as dependencies. For young projects like Xilem that can be required. The Xilem devs suggests to add a rev tag to Cargo.toml, like

[dependencies]
xilem   = { git = "https://github.com/linebender/xilem.git", rev = "ac10aeb47e0ec2d9a89bcb72679d3c3445d3e4a9" }

I think that would pin the dependency, which makes sense when the crate changes and I can't update my app that fast. I extracted these hashes from the latest Cargo.lock. I think there is another way to get the hash codes -- how does that work?And when I already have the rev codes in Cargo.toml, do I then still have to ship the large Cargo.lock?

The second question is about the asterisks in Cargo.toml. For my EGUI app, I once took the Cargo.toml just from an example, just to get it working. I have now updated Cargo.toml with commands like "cargo updates" and "cargo update --allowsomebreakingchange". But now I have still these asterisks in the Cargo.toml file, which might cause trouble in the future. Like

$ cat ~/allgitprojects/tiny-chess/Cargo.toml 
[package]
name = "tiny-chess"
version = "0.5.0"
edition = "2024"

[dependencies]
mpsc = "*"
num-traits = "*"
# bitintr = "*"
eframe = { version = "*", features = [
    "default",
    "__screenshot", # __screenshot is so we can dump a screenshot using EFRAME_SCREENSHOT_TO
] }

# For image support:
egui_extras = { version = "*", features = ["default", "image"] }

env_logger = { version = "0.10", default-features = false, features = [
    "auto-color",
    "humantime",
] }

Is there a way to replace the "*" with the currently latest available version?

2 posts - 2 participants

Read full topic