Description
Problem
In Firefox, a common problem we have is to temporarily/locally override some crate and use a local version of it, especially for the vendored ones. A common pattern to achieve this is to use a [patch] in the top-most Cargo.toml. But cargo update still updates to the newest version of the crate unless --precise is used.
A smaller reproducer looks like the following:
Steps
Setup
cargo new foocd fooecho 'app_units = "0.7"' >> Cargo.tomlcargo update -p app_units --precise 0.7.0
At this point, we have a crate that depends version 0.7.0 of app_units, while the last version, as of writing, is 0.7.1.
Problem
5. Get version 0.7.0 in a local directory: git clone https://github.com/servo/app_units && git -C app_units checkout v0.7.0
6. Use a patch to force the use of the local version:
echo '[patch.crates-io.app_units]' >> Cargo.toml
echo 'path = "app_units"' >> Cargo.toml
7. Try to update Cargo.lock: cargo update -p app_units.
Cargo's output looks like the following:
Updating crates.io index
warning: Patch `app_units v0.7.0 (/tmp/foo/app_units)` was not used in the crate graph.
Check that the patched package version and available features are compatible
with the dependency requirements. If the patch has a different version from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not enabled.
Updating app_units v0.7.0 -> v0.7.1
I would have expected the following:
Updating crates.io index
Adding app_units v0.7.0 (/tmp/foo/app_units)
Removing app_units v0.7.1
which is what either cargo update -p app_units --precise 0.7.0 does, or what changing the dependency itself to point to the path, rather than using the patch, does.
Notes
Output of cargo version: cargo 1.44.1 (88ba85757 2020-06-11)