this post was submitted on 31 Mar 2024
15 points (85.7% liked)
Rust
6119 readers
19 users here now
Welcome to the Rust community! This is a place to discuss about the Rust programming language.
Wormhole
Credits
- The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Regarding
Cargo.lock
, the recommendation always was to include it in version control for application/binary crates, but not library ones. But tendencies changed over time to include it even for libraries. If arust-toolchain
file is tracked by version control, and is pinned to a specific stable release, thenCargo.lock
should definitely be tracked too [1][2].It's strictly more information tracked, so there is no logical reason not to include it. There was this concern about people not being aware of
--locked
not being the default behaviour ofcargo install
, giving a false sense of security/reliability/reproducibility. But "false sense" is never a good technical argument in my book.Anyway, your crate is an application/binary one. And if you were to not change the
"*"
dependency version requirement, then it is almost guaranteed that building your crate will break in the future without trackingCargo.lock
;)