alamb commented on issue #14962: URL: https://github.com/apache/datafusion/issues/14962#issuecomment-2694210949
> From the discussion, I can see the main motivation is to have reproducible build (agains near latest dependencies) in CI. To achieve this, Cargo.lock (updated by bot) is enough. Another reason we always increase Cargo.toml versions of submodules is that we don't test DataFusion building with other versions. For example, if one of the dependencies like `arrow` releases a new minor version that has a new function, and then we update DataFusion to use that new function, then DataFusion actually really does require the newer version We don't spend much time > Whether or not updating Cargo.toml means whether or not force downstream users to use only the latest dependency versions. Personally I prefer a more tolerable version range, so that downstream can update deps 1 by 1 and audit each dep's changes. I think having a wider version range would be valuable and make DataFusion easier to use by downstream projects as well. The key thing is to figure out how to test that the ranges encoded in Cargo.toml are actually accurate -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@datafusion.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: github-unsubscr...@datafusion.apache.org For additional commands, e-mail: github-h...@datafusion.apache.org
