Figure out how to lock specific dependency versions for cargo-zaplib
disambiguator opened this issue · 0 comments
disambiguator commented
Currently cargo zaplib installs any matching dependencies on its Cargo.toml. Since transitive dependencies aren't pinned to specific versions, this can lead to non-deterministic builds as dependencies publish minor version updates.
Figure out how to lock down all dependencies to a specific version per build, presumably by providing some sort of Cargo.lock.