Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Path dependencies doesn't work with --locked/--frozen options #1442

Closed
messense opened this issue Jan 31, 2023 · 6 comments · Fixed by #1741
Closed

Path dependencies doesn't work with --locked/--frozen options #1442

messense opened this issue Jan 31, 2023 · 6 comments · Fixed by #1741
Labels
sdist Source distribution

Comments

@messense
Copy link
Member

messense commented Jan 31, 2023
edited
Loading

Because maturin rewrites Cargo.toml when encountered path dependencies without syncing Cargo.lock, build from sdist with --locked or --frozen Cargo options fails with

      Updating crates.io index
       Running `git fetch --force --update-head-ok 'https://github.com/rust-lang/crates.io-index' '+HEAD:refs/remotes/origin/HEAD'`
  error: the lock file /home/conda/feedstock_root/build_artifacts/maturin_1675149830257/work/Cargo.lock needs to be updated but --locked was passed to prevent this
  If you want to try to generate the lock file without accessing the network, remove the --locked flag and use --offline instead.
  error: `cargo build --manifest-path Cargo.toml --message-format=json-render-diagnostics --target x86_64-unknown-linux-gnu --release -v --locked` failed with code 101

See #1441.

There are no easy ways to sync Cargo.lock, I think we should explore better ways for bundling path dependencies in sdist, avoid rewriting Cargo.toml.
@messense messense added the sdist Source distribution label Jan 31, 2023
@konstin
Copy link
Member

konstin commented Jan 31, 2023

this is most likely low-priority for them, but an option to export a transformed Cargo.toml/Cargo.lock for downstream tooling to consume would also be something i think we could ask as a new cargo feature

@messense
Copy link
Member Author

There is cargo generate-lockfile, but it's too aggressive for our use case.

This command will create the Cargo.lock lockfile for the current package or workspace. If the lockfile already exists, it will be rebuilt with the latest available version of every package.

@konstin
Copy link
Member

konstin commented Jan 31, 2023

I thought of this more as a generalization of cargo package, which e.g. already creates a Cargo.toml.orig and a modified Cargo.toml. Imaging something like cargo package --no-verify --allow-dirty --no-dev --list=json which then tells you something like

{
  "Cargo.toml": "target/package/files/Cargo.toml",
  "Cargo.toml.orig": "target/package/files/Cargo.toml.orig",
  "Cargo.lock": "target/package/files/Cargo.lock",
  "src/lib.rs": "src/lib.rs",
  "src/macros.rs": "src/macros.rs",
  "src/marker.rs": "src/marker.rs"
}

Where target/package/files/Cargo.toml contains only the the main and build deps but not the dev deps

@messense
Copy link
Member Author

Yeah, that'd be great, should also resolve #1431.

@messense
Copy link
Member Author

There are no easy ways to sync Cargo.lock

Looks like cargo update -p <root package name> can be used for this.

@messense messense mentioned this issue Feb 1, 2023
Open
@messense
Copy link
Member Author

messense commented Feb 1, 2023

rust-lang/cargo#11666

@messense messense mentioned this issue May 2, 2023
Merged
@alex alex mentioned this issue May 2, 2023
Closed
@messense messense mentioned this issue Aug 20, 2023
Merged
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
sdist Source distribution
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Refactor Cargo sdist generator to avoid rewriting local dependencies messense/maturin
2 participants
@messense @konstin