[rust-dev] Deprecating rustpkg

Tony Arcieri bascule at gmail.com
Fri Jan 31 13:05:09 PST 2014

On Fri, Jan 31, 2014 at 12:51 PM, Vladimir Lushnikov <
vladimir at slate-project.org> wrote:

> So for slots distinguish the versions that you are trying to pick between
> - if you package only depends on slot 1, then you pick the highest version
> available in slot 1.

What if they're incompatible? In a very handwavey manner, rustpkg claims it
want to (but does not) support semantic versioning. An unexpected major
version bump is to be avoided, IMO, and pinning to a specific version is a
bad solution.

> If you have a package whose libraries depend on incompatible versions of
> the same library (the definition of incompatible being what was specified
> in the packages that declare their dependencies) - then you get a
> resolution error.

Why even bother to support multiple versions in this case?

IMO, a system that respects semantic versioning, allows you to constrain
the dependency to a particular *major* version without requiring pinning to
a *specific* version.

I would call anything that requires pinning to a specific version an
antipattern. Among other things, pinning to specific versions precludes
software updates which may be security-critical.

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/rust-dev/attachments/20140131/dade43eb/attachment.html>

More information about the Rust-dev mailing list