[PR #3361] [MERGED] Ensure Cargo.lock Is Updated Alongside Changes to Cargo.toml #5693

New issue

Closed

opened 2026-03-23 22:19:52 +00:00 by mirror · 0 comments

mirror commented

2026-03-23 22:19:52 +00:00

Owner

📋 Pull Request Information

Original PR: https://github.com/AppFlowy-IO/AppFlowy/pull/3361
Author: @qinluhe
Created: 9/7/2023
Status: ✅ Merged
Merged: 9/11/2023
Merged by: @appflowy

Base: main ← Head: ci/add-cargo-check

📝 Commits (2)

486405a ci: add cargo check workflow
c76e7c0 ci: test cargo.toml

📊 Changes

2 files changed (+113 additions, -147 deletions)

View changed files

📝 .github/workflows/tauri_ci.yaml (+29 -9)
📝 frontend/appflowy_tauri/src-tauri/Cargo.lock (+84 -138)

📄 Description

Feature Preview

This pull request addresses an important aspect of maintaining our Rust projects—keeping Cargo.toml and Cargo.lock synchronized. When changes are made to the project's dependencies, it is crucial to ensure that Cargo.lock is also updated to accurately reflect these changes. This PR helps us maintain consistency and stability in our Rust project builds.

Why This Matters:

Dependency Consistency: The Cargo.toml file defines the high-level dependencies for our project. However, Cargo.lock contains detailed information about specific versions and dependencies used in the build. Keeping them in sync ensures that all team members and our continuous integration process build the project with identical dependencies.
Reproducibility: A synchronized Cargo.lock enables us to reproduce exact builds consistently across different environments. This is especially important when collaborating with other developers or when deploying to production.
Security and Bug Fixes: Updates to dependencies often include security patches and bug fixes. By maintaining an up-to-date Cargo.lock, we can easily incorporate these improvements into our project.

How to Test:

When changes are made to Cargo.toml that affect dependencies (adding, updating, or removing), the CI/CD pipeline should validate that Cargo.lock is also updated in this PR. If it's not, the pipeline should fail, indicating that the Cargo.lock file must be synchronized with Cargo.toml.
Manually verify that any changes to Cargo.toml are reflected in the updated Cargo.lock file.

PR Checklist

My code adheres to the AppFlowy Style Guide
I've listed at least one issue that this PR fixes in the description above.
I've added a test(s) to validate changes in this PR, or this PR only contains semantic changes.
All existing tests are passing.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/AppFlowy-IO/AppFlowy/pull/3361 **Author:** [@qinluhe](https://github.com/qinluhe) **Created:** 9/7/2023 **Status:** ✅ Merged **Merged:** 9/11/2023 **Merged by:** [@appflowy](https://github.com/appflowy) **Base:** `main` ← **Head:** `ci/add-cargo-check` --- ### 📝 Commits (2) - [`486405a`](https://github.com/AppFlowy-IO/AppFlowy/commit/486405ad8465684d70057d7454ec1726e5426633) ci: add cargo check workflow - [`c76e7c0`](https://github.com/AppFlowy-IO/AppFlowy/commit/c76e7c04aff26d5dd3a530fe3f44a1217d2c6feb) ci: test cargo.toml ### 📊 Changes **2 files changed** (+113 additions, -147 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/tauri_ci.yaml` (+29 -9) 📝 `frontend/appflowy_tauri/src-tauri/Cargo.lock` (+84 -138) </details> ### 📄 Description   ### Feature Preview This pull request addresses an important aspect of maintaining our Rust projects—keeping Cargo.toml and Cargo.lock synchronized. When changes are made to the project's dependencies, it is crucial to ensure that Cargo.lock is also updated to accurately reflect these changes. This PR helps us maintain consistency and stability in our Rust project builds. ### Why This Matters: - **Dependency Consistency**: The Cargo.toml file defines the high-level dependencies for our project. However, Cargo.lock contains detailed information about specific versions and dependencies used in the build. Keeping them in sync ensures that all team members and our continuous integration process build the project with identical dependencies. - **Reproducibility**: A synchronized Cargo.lock enables us to reproduce exact builds consistently across different environments. This is especially important when collaborating with other developers or when deploying to production. - **Security and Bug Fixes:** Updates to dependencies often include security patches and bug fixes. By maintaining an up-to-date Cargo.lock, we can easily incorporate these improvements into our project. ### How to Test: - When changes are made to Cargo.toml that affect dependencies (adding, updating, or removing), the CI/CD pipeline should validate that Cargo.lock is also updated in this PR. If it's not, the pipeline should fail, indicating that the Cargo.lock file must be synchronized with Cargo.toml. - Manually verify that any changes to Cargo.toml are reflected in the updated Cargo.lock file.  ---  #### PR Checklist - [x] My code adheres to the [AppFlowy Style Guide](https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy/software-contributions/submitting-code/style-guides) - [x] I've listed at least one issue that this PR fixes in the description above. - [x] I've added a test(s) to validate changes in this PR, or this PR only contains semantic changes. - [x] All existing tests are passing. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>