Cargo.lock and Cargo.toml specify incompatible dependencies for libc
We committed src/rust/Cargo.lock
which is a bit strange since it's normally not recommended, and especially not for library crates like ours. In our current Cargo.lock
, we have:
[root]
name = "tor_util"
version = "0.0.1"
dependencies = [
"libc 0.2.22 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "libc"
version = "0.2.22"fixes
source = "registry+https://github.com/rust-lang/crates.io-index"
[metadata]
"checksum libc 0.2.22 (registry+https://github.com/rust-lang/crates.io-index)" = "babb8281da88cba992fa1f4ddec7d63ed96280a1a53ec9b919fd37b53d71e502"
This is possibly a good idea, because we're specifying the hash we expect. It might be a bad idea, because it specifies the registry for packages, which I'm pretty sure will mean "offline" builds would never work. In addition, it also conflicts with the dependency specification in src/rust/tor_util/Cargo.toml
:
[package]
authors = ["The Tor Project"]
name = "tor_util"
version = "0.0.1"
[lib]
name = "tor_util"
path = "lib.rs"
crate_type = ["rlib", "staticlib"]
[dependencies]
libc = "*"
In legacy/trac#22830 (moved), if we do cargo update
to get the dependencies, this currently looks at the Cargo.toml
and gives us libc = "0.2.24"
which is correct and is what we asked for with libc = "*"
. However, this does not satisfy the constraints in the lockfile.