Cargo update doesn't look for overrides in the config file

[Manishearth]

This makes it a bit hard to work on rust upgrades locally, since cargo update provides convenient way of updating the lockfiles to specific hashes. However, if the hash doesn't exist in the github repo, it fails to update the lockfile with this error:

$ cargo update -p html5ever --precise 497339bd717fcd78451139a1d8ddc3d6d5836842 --verbose
    Updating git repository `https://github.com/servo/html5ever`
Unable to update https://github.com/servo/html5ever#497339bd

Caused by:
  [4] Revspec '497339bd717fcd78451139a1d8ddc3d6d5836842' not found.

This happens even if the hash exists in the local repo that the config paths key points to.

(Manually updating the lockfile and building works fine, since cargo build does look for overrides)

[Manishearth]

I tried fixing this myself with this WIP, but it still isn't working. Not sure what I should be doing here.

[Manishearth]

I guess to fix this Dependency::get_source_id() or something should be aware of the overrides.

[alexcrichton]

I'm not sure I quite follow, but it looks like you're running cargo update, requesting a non-existent revision in a remote repository? Cargo needs to fetch the repository to learn about dependencies, so how could it ignore the fetch error?

[Manishearth]

When there is a path override it shouldn't have to fetch the repo, right?

[alexcrichton]

The purpose of cargo update is to update the lockfile, which doesn't take into account path overrides, requiring that the repo be fetched.

[Manishearth]

@alexcrichton Can there be some other way to work on dependencies without requiring a push everytime? For example, being able to specify [dependency.something] overrides in the Cargo config would work.

[alexcrichton]

Sorry, but I can't quite grapple what your use case is here. Do you want to update the Cargo.lock as-if all upstream repositories have their information, but you don't want to actually push any of that information?

I would like to support overrides in the manifest, but that seems orthogonal to the issue here.

[Manishearth]

@alexcrichton say I'm doing a rust upgrade (or some sort of dependency
changes) and I'm trying to get a package to work. This package is used by many other dependencies (so updating all the Cargo.toml files to temporary take a local path is painful).

Basically, I want to be able to work on dependencies locally without having to edit toml files all over the place :)

[alexcrichton]

That sounds like what the paths override in .cargo/config is for? Is that not working for you?

I would expect you to have a global ~/.cargo/config which has lots of path entries during a rust upgrade which are then all pushed at once.

[Manishearth]

The path entries don't get updated via cargo update -p <package> --precise <hash> (so it stays locked on an old hash), cargo update instead looks for it in the main repo.

[alexcrichton]

We talked about this on IRC and reached the conclusion that paths overrides are likely working as expected.

[Ericson2314]

Do [replace] overrides work differently than this? Cargo weirdly fails to fetch me repos all the time.

[Ericson2314]

Nevermind on the failure, old lockfile + force pushes was the issue and chucking the lockfile fixed it. Still, the fetches can sometimes be slow and it would be nice to avoid them.