-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
regression: * deps no longer parsed #3001
Comments
They are not valid per semver, you need the |
Can we then phase them out slowly? This is a breaking change that affects people pinning to iron 3 (e.g. rust-playpen). |
It's going to be a giant pain for me. We could always revert cargo back to a previous semver version as a quick fix. |
So, thinking more: I could backport a warning to the 2.x series of semver, we could make cargo use that instead. That probably wouldn't be too bad, though part of the reason why I re-wrote all that code was because it is a giant mess... |
Yeah, I don't want to muck up semver's code too much. But I'm not sure how this can be done on the pure-cargo side either. Perhaps a crater run would help us gauge the full impact and determine if this is necessary? @brson |
So, another thing: I currently do a regression test across all of crates.io: https://github.com/steveklabnik/semver/blob/master/tests/regression.rs But note that's just for the version, not for dependencies. it looks like that's supported https://frewsxcv.github.io/rust-crates-index/crates_index/struct.Dependency.html So I could also figure it out that way, and probably should add that regardless. |
So, uh https://travis-ci.org/steveklabnik/semver/jobs/152783177 That is, this seemgly passed on semver master for every crate on crates.io. @Manishearth I can't actually find a released Shows them actually fixing this. And it looks like 2.6 wasn't tagged? |
I used cargo-clone to grab iron 2.6, and it does have So, now I'm confused about my tests :( |
okay so https://travis-ci.org/steveklabnik/semver/jobs/152791793
apparently, the crates-index crate is not returning the same contents as the actual cargo.toml. Looking at https://github.com/rust-lang/crates.io-index/blob/master/ir/on/iron#L47 {"name":"iron","vers":"0.2.6","deps":[{"name":"modifier","req":"^0.1","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"num_cpus","req":"^0.2","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"conduit-mime-types","req":"^0.7","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"log","req":"^0.3","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"plugin","req":"0.2.*","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"typemap","req":"^0.3","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"error","req":"^0.1","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"url","req":"^0.5","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"lazy_static","req":"^0.1","features":[],"optional":false,"default_features":true,"target":null,"kind":"normal"},{"name":"hyper","req":"^0.7","features":[],"optional":false,"default_features":false,"target":null,"kind":"normal"},{"name":"time","req":"*","features":[],"optional":false,"default_features":true,"target":null,"kind":"dev"}],"cksum":"6d02706746b2d95c50f463fc619de64efe10682adfa17fa18dc95e0a92b10237","features":{"default":["ssl"],"ssl":["hyper/ssl"]},"yanked":false} This also has @alexcrichton do you have any idea what's going on here? |
From IRC:
So yeah, @brson a crater run to check this out might be a good idea. idk. uuuugh |
That said, this change has been in nightly for a while, and we also haven't seen many people file issues about breakage. So maybe things are okay? I dunno 😦 |
Hm ok, so I think we'll want to revert this for now and go back to the old semver version. @steveklabnik could you send a PR for that? Otherwise I can do so later tonight. A similar situation here is that I fixed a parsing bug in TOML but Cargo's still issuing warnings about it. From time to time I still see that url's 0.5.* manifest doesn't parse correctly, so it'll take awhile to flesh all this out. |
It doesn't look like you ended up doing it, so let me see if I can cut a new version of the older semver with some kind of warning about this. If I can't get it done quickly, I'll just send it for the exiting version.
Yeah, we should talk about strategies here. |
As it turns out, people were taking advantage of bugginess in semver, so we can't do this upgrade yet. Fixes rust-lang#3001
So to clarify what happened with TOML, awhile ago the parser was discovered to have a bug where it accepted invalid syntax. This was found in the wild as part of url-0.5.9. To enable a smooth transition, I implemented an option in the TOML parser to accept the old, broken, syntax. When toml was updated I added some logic which basically does:
Could something like that be done for the semver crate as well? E.g. have a temporary option (off by default) to accept the old syntax? |
Conceptually, we can. It might make the crate's deps heavier, but I imagine most non-trivial programs will already have a regex dep... On Aug 17, 2016, 13:55 -0400, Alex Crichton notifications@github.com, wrote:
|
(and this would need coordination with cargo) |
Revert to previous semver version. As it turns out, people were taking advantage of bugginess in semver, so we can't do this upgrade yet. Fixes #3001
@Manishearth note that we've pushed an upgrade of the semver dependency in #3154. I believe we've provided a transition path for any crates with these sorts of bad version requirements, but an extra pair of eyes is always helpful! If you see any breakage, please be sure to let us know! |
cc @nox, our resident overlord of versioning |
I think iron was the only broken one for us, but that should have been fixed since then. Hopefully nothing breaks now. Thanks! |
On
cargo 0.13.0-nightly (c205132 2016-08-09)
, deps like0.2*
no longer parse.I'm not sure if these are valid, but they used to work, e.g on stable (
cargo 0.11.0-nightly (259324c 2016-05-20)
)Minimal example:
works fine on stable, gives the following on nightly:
The text was updated successfully, but these errors were encountered: