Skip to content

generate-lockfile overwrites a checked-in Cargo.lock #15

New issue
New issue
Closed
Closed
generate-lockfile overwrites a checked-in Cargo.lock#15
@andrewhalle

Description

@andrewhalle
andrewhalle
opened on Aug 16, 2023

Copying actions-rs#163 to this fork.

Description

This action calls cargo generate-lockfile, which overwrites Cargo.lock according to cargo docs1

This command will create the Cargo.lock lockfile for the current package or workspace. If the lockfile already exists, it will be rebuilt with the latest available version of every package.

This negates the purpose of having a checked-in lockfile.

Proposed Fix

actions-rs#163 (comment)

Rather than call cargo generate-lockfile, call cargo metadata --format-version=1 >/dev/null instead.

Footnotes

  1. https://doc.rust-lang.org/cargo/commands/cargo-generate-lockfile.html

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions