Prevent ahash from pulling in getrandom 0.3
#2714
Conversation
Modules generally don't honor the workspace cargo lock file, so may upgrade `ahash` silently, which pulls in a `getrandom` version that is not the one pulled in via `binding`. Thus feature unification doesn't apply and modules fail to compile due to the wasm target not being supported by the transitive `getrandom`. This also causes smoketests to fail.
|
Conceivably, this can happen again if we have some other crate that transitively depends on |
|
I think ideally in the future this kinda thing never happens again in the rust ecosystem, cause it's been a royal pain to deal with. But, also, those errors from getrandom 0.3 are actually exactly what we want - failing to compile when you pull in getrandom. So, this is the right fix. |
|
Also, it seems like you unintentionally ran a full cargo update. |
It was not quite unintentionally, because the actual problem here is that building a module won't honor the lock file. So making the dependency graphs match, if only for a short period of time, seems like something we should do more often. Feel free to disagree, but I'd like to understand the reasoning. |
Can we (in a separate PR) add a flag to |
No I don't think: a module has What we might want to consider is to somehow make the tests that compile |
|
Wait, what? Surely if you compile your module with |
|
If I create a fresh module, it won't have a Smoketests create fresh modules all the time, and they are built outside the workspace, so that's why they are failing. |
|
Ah, I see. Yes, that's unfortunate. |
|
Looks like @coolreader18 and @gefjon got the review handled so no further input from me :) |
|
Someone press the button then? 😇 |
Make sure the `Cargo.lock` file of the `wasm_bindings` job reflects the latest available versions. This is what users would end up with on a fresh module, so we want to catch any compile errors arising from a different transitive closure of dependencies than what is in the workspace lock file. Follup-up for: #2714
Conflicts: Cargo.lock It looks like you may be committing a cherry-pick. If this is not correct, please run git update-ref -d CHERRY_PICK_HEAD and try again. Author: Kim Altintop <kim@eagain.io> Date: Thu May 8 16:33:58 2025 +0200 On branch phoebe/release-v1.1.2 You are currently cherry-picking commit a056796. Changes to be committed: modified: Cargo.lock modified: Cargo.toml modified: crates/bindings/tests/snapshots/deps__spacetimedb_bindings_dependencies.snap
Modules generally don't honor the workspace cargo lock file, so may upgrade
ahashsilently, which pulls in agetrandomversion that is not the one pulled in viabinding. Thus feature unification doesn't apply and modules fail to compile due to the wasm target not being supported by the transitivegetrandom.This also causes smoketests to fail.
Expected complexity level and risk
1
Testing
Smoketests / module compilation fail before this change, and succeed after.