Awesome
<p align="center"> <img alt="semver-checks" src="./brand/banner.png" width="800" /> </p>cargo-semver-checks
Lint your crate API changes for semver violations.
Quick Start
# If you already use `cargo-binstall` for faster tool installations:
$ cargo binstall cargo-semver-checks
# Otherwise:
$ cargo install cargo-semver-checks --locked
# Lint a new release for SemVer breakage before `cargo publish`:
$ cargo semver-checks
Or use as a GitHub Action (used in .github/workflows/ci.yml
in this repo):
- name: Check semver
uses: obi1kenobi/cargo-semver-checks-action@v2
Each failing check references specific items in the Cargo SemVer reference or other reference pages, as appropriate. It also includes the item name and file location that are the cause of the problem, as well as a link to the implementation of that query in the current version of the tool.
FAQ
- What Rust versions does
cargo-semver-checks
support? - Can I use
cargo-semver-checks
withnightly
Rust? - What if my project needs stronger guarantees around supported Rust versions?
- Does the crate I'm checking have to be published on crates.io?
- What features does
cargo-semver-checks
enable in the tested crates? - My crate uses
--cfg
conditional compilation. Cancargo-semver-checks
scan it? - Does
cargo-semver-checks
have false positives? - Will
cargo-semver-checks
catch every semver violation? - Can I configure individual lints?
- If I really want a new feature to be implemented, can I sponsor its development?
- How is
cargo-semver-checks
similar to and different from other tools? - Why is it sometimes
cargo-semver-check
andcargo-semver-checks
? - What is the MSRV policy with respect to semver?
What Rust versions does cargo-semver-checks
support?
cargo-semver-checks
uses the rustdoc tool to analyze the crate's API.
Rustdoc's JSON output format isn't stable, and can have breaking changes in new Rust versions.
When each cargo-semver-checks
version is released, it will at minimum include support
for the then-current stable and beta Rust versions. It may, but is not guaranteed to,
additionally support some nightly Rust versions.
The GitHub Action by default uses
the most recent versions of both cargo-semver-checks
and stable Rust,
so it should be unaffected. Users using cargo-semver-checks
in other ways
are encouraged to update cargo-semver-checks
when updating Rust versions
to ensure continued compatibility.
Can I use cargo-semver-checks
with nightly
Rust?
Support for nightly
Rust versions is on a best-effort basis.
It will work often, but not always. If you must use nightly
,
it's strongly recommended to pin to a specific nightly
version to avoid broken workflows.
cargo-semver-checks
relies on the rustdoc JSON format, which is unstable and changes often.
After a new rustdoc JSON format version gets shipped in nightly
, it usually takes
several days to several weeks for it to be supported in a new cargo-semver-checks
,
during which time it is not possible to use cargo-semver-checks
with those nightly
versions.
It's also possible that support for some nightly
versions may be dropped even while older
stable versions are still supported. This usually happens when a rustdoc format gets superseded by
a newer version before becoming part of any stable Rust. In that case, we may drop support for
that format to conserve maintenance bandwidth and speed up compile times.
For example, cargo-semver-checks
v0.24
supported rustdoc formats v24, v26, and v27, but did not support the nightly-only v25 format.
What if my project needs stronger guarantees around supported Rust versions?
If you'd like extended support for older Rust versions,
or an SLA on supporting new nightly
releases, we're happy to offer those on a commercial basis.
It could be in the form of a formal support contract,
or something as simple as discussing expectations over email
and setting up a recurring GitHub sponsorship for an agreed-upon amount.
Please reach out at the email in the Cargo.toml and let us know about what projects this is for and what their needs are.
Does the crate I'm checking have to be published on crates.io?
No, it does not have to be published anywhere. You'll just need to use a flag to help
cargo-semver-checks
locate the version to use as a baseline for semver-checking.
By default, cargo-semver-checks
uses crates.io to look up the previous version of the crate,
which is used as the baseline for semver-checking the current version of the crate.
The following flags can be used to explicitly specify a baseline instead:
--baseline-version <X.Y.Z>
Version from registry to lookup for a baseline
--baseline-rev <REV>
Git revision to lookup for a baseline
--baseline-root <MANIFEST_ROOT>
Directory containing baseline crate source
--baseline-rustdoc <JSON_PATH>
The rustdoc json file to use as a semver baseline
Custom registries are not currently supported (#160), so crates published on registries other than crates.io should use one of the other approaches of generating the baseline.
What features does cargo-semver-checks
enable in the tested crates?
By default, checking is done on all features except features named unstable
, nightly
, bench
, no_std
, or ones with prefix _
, unstable-
, or unstable_
, as such names are commonly used for private or unstable features.
This behaviour can be overriden. Checked feature set can be changed to:
- all the features, selected with
--all-features
, - only the crate's default features, selected with
--default-features
, - empty set, selected with
--only-explicit-features
.
Additionally, features can be enabled one-by-one, using flags --features
, --baseline-features
and --current-features
.
For example, consider crate serde, with the following features (per v1.0.163):
std
- the crate's only default feature,alloc
,derive
,rc
- optional features,unstable
- a feature that possibly breaks semver.
used flags | selected feature set | explanation |
---|---|---|
none | std , alloc , derive , rc | Feature unstable is excluded by the default heuristic. |
--features unstable | std , alloc , derive , rc , unstable | The flag explicitly adds unstable to the heuristic's selections. |
--all-features | std , alloc , derive , rc , unstable | All the features are used, disabling the default heuristic. |
--default-features | std | The crate has only one default feature. |
--default-features --features derive | std , derive | Feature derive is used along with crate's default features. |
--only-explicit-features | none | No explicit features are passed. |
--only-explicit-features --features unstable | unstable | All features can be added explicitly, regardless of their name. |
My crate uses --cfg
conditional compilation. Can cargo-semver-checks
scan it?
Yes! You can configure the --cfg
options that cargo-semver-checks
will use
when scanning your crate by setting them in the RUSTDOCFLAGS
environment variable.
For example, you can ask cargo-semver-checks
to enable the some-option
config
by invoking it as:
RUSTDOCFLAGS="--cfg some-option" cargo semver-checks
Does cargo-semver-checks
have false positives?
"False positive" means that cargo-semver-checks
reported a semver violation incorrectly.
A design goal of cargo-semver-checks
is to not have false positives.
If they do occur, they are considered bugs.
When cargo-semver-checks
reports a semver violation, it should always point to a specific
file and approximate line number where the specified issue occurs; failure to specify
a file and line number is also considered a bug.
If you think cargo-semver-checks
might have a false-positive but you aren't sure, please
open an issue.
Semver in Rust has many non-obvious and tricky edge cases,
especially in the presence of macros.
We'd be happy to look into it together with you to determine if it's a false positive or not.
Will cargo-semver-checks
catch every semver violation?
No, it will not — not yet!
There are many ways to break semver, and cargo-semver-checks
doesn't yet have lints for all of them.
New lints are added frequently, and
we'd be happy to mentor you
if you'd like to contribute new lints!
Append --verbose
when semver-checking your crate to see the full list of performed semver checks.
Here are some example areas where cargo-semver-checks
currently will not catch semver violations:
- breaking type changes, for example in the type of a field or function parameter
- breaking changes in generics or lifetimes
- breaking changes that exist when only a subset of all crate features are activated
Can I configure individual lints?
Yes! See lint-level configuration.
If I really want a new feature to be implemented, can I sponsor its development?
Depending on the feature, possibly yes!
Please reach out to us ahead of time over email to discuss the scope of the feature and sponsorship.
It's possible that the feature might be deemed out of scope, too complex to build or maintain, or otherwise unsuitable. In such cases we'd like to let you know that before you've sent us money, since there are no refunds on GitHub Sponsors.
If the feature is viable and the work involved in building is commensurate to the sponsorship amount, we'd be happy to build it. At your option, we'd also be happy to give you a shout-out for sponsoring the feature when it is announced in the release notes.
How is cargo-semver-checks
similar to and different from other tools?
rust semverver builds on top of rustc internals to build rlib's and compare their metadata. This strips the code down to the basics for identifying changes. However, is tightly coupled to specific nightly compiler versions and takes work to stay in sync. As of April 17, 2023, it appears to be deprecated and no longer maintained.
cargo breaking effectively runs
cargo expand
and re-parses the code using
syn
which requires re-implementing large
swaths of rust's semantics to then lint the API for changes.
This is limited to the feature and target the crate was compiled for.
As of November 22, 2022, it appears to be
archived and no longer maintained.
cargo-semver-checks
sources its data from rustdoc's json output. While the
json output format is unstable, the rate of change is fairly low, reducing the
churn in keeping up. The lints are also written as queries for trustfall
"query everything" engine, reducing
the work for creating and maintaining them. Because of the extra data that
rustdoc includes, some level of feature/target awareness might be able to be
introduced.
There is interest in
hosting rustdoc JSON on docs.rs
meaning
that semver-checking could one day download the baseline rustdoc JSON file instead of generating it.
Also, generally speaking, inspecting JSON data is likely going to be faster than full compilation.
cargo-public-api
uses rustdoc,
like cargo-semver-checks
, but focuses more on API diffing (showing which
items has changed) and not API linting (explaining why they have changed and
providing control over what counts).
Why is it sometimes cargo-semver-check
and cargo-semver-checks
?
This crate was intended to be published under the name cargo-semver-check
, and may indeed one
day be published under that name. Due to
an unfortunate mishap,
it remains cargo-semver-checks
for the time being.
The cargo_semver_check
name is reserved on crates.io but all its versions
are intentionally yanked. Please use the cargo-semver-checks
crate instead.
What is the MSRV policy with respect to semver?
MSRV bumps are not considered major changes.
cargo-semver-checks
has two Rust version bounds, since it depends on Rust
both at compile-time and at runtime:
- The MSRV for compiling
cargo-semver-checks
("compile MSRV") is currently Rust 1.70. This is primarily determined by our dependencies' MSRVs. - The MSRV for checking crates ("runtime MSRV") is currently Rust 1.71. This is determined based on the rustdoc JSON format versions and known bugs in older rustdoc versions.
As much as practically possible, changes to the runtime MSRV will come in bumps
of the middle number in the version, e.g. 0.24.1 -> 0.25.0
or 1.2.3 -> 1.3.0
.
Changes to the compile MSRV may happen in any kind of version bump. As much as practically possible, we'll aim to make them simultaneously with runtime MSRV bumps.
Configuration
Lint-level configuration
cargo-semver-checks
offers the ability to customize which lints are enforced, what SemVer versions they require, and whether violations of that lint produce deny / warn / allow
behavior.
As a reminder, a "lint" or "check" is a rule in cargo-semver-checks
that looks for a specific kind of issue. For example, the function_missing
lint looks for functions that no longer exist in a crate's public API. cargo-semver-checks
has many dozens of such lints.
Lints may be configured in two ways:
- lint level: When a lint finds issues, the lint level controls how
cargo-semver-checks
responds. Thedeny
level makes the lint a hard error:cargo-semver-checks
will exit with an error and will require a version bump to resolve. Thewarn
level will print a warning describing the issue, but will not causecargo-semver-checks
to exit with an error code — meaning it will not block CI runs. Theallow
level means the findings of the lint should be silently ignored, so the check doesn't even need to be run. - required update: This sets the kind of version bump this check should require (for
deny
-level) or suggest (forwarn
) when it spots an issue. For example, thefunction_missing
lint ismajor
by default, so if a public function is removed between versions, the version needs a major version bump (e.g., 1.2.3 to 2.0.0 or 0.5.2 to 0.6.0). This can be configured tomajor
orminor
(1.2.3 to 1.3.0 or 0.5.2 to 0.5.3). There is no "patch" setting since that is equivalent to setting anallow
lint level.
To configure the level and/or required update for a lint, first find its name. This will be in snake_case
and is reported in the CLI on errors/warnings, and can also be found as the file name in the lints folder.
- Example: Downgrading an error-level lint to a warning
- Example: Changing the SemVer requirement for a lint
- Example: Configuring lints for an entire workspace
- Example: Overriding workspace configuration
- Common configurations: Make
#[must_use]
lints warn-only - Common configurations: Disable
#[must_use]
lints entirely - Implementation details & limitations
Example: Downgrading an error-level lint to a warning
cargo-semver-checks
by default considers adding #[must_use]
on an existing function to require a minor
version bump, and has level deny
. Let's say our package considers that too strict, and would prefer adding #[must_use]
to produce a warning instead of an error.
We can accomplish that by adding the following to the Cargo.toml
manifest for the package:
[package.metadata.cargo-semver-checks.lints]
function_must_use_added = "warn"
That option is shorthand notation for:
[package.metadata.cargo-semver-checks.lints]
function_must_use_added = { level = "warn" }
If we wanted to configure other lints simultaneously, we could add their configuration there as well: one lint per line.
Example: Changing the SemVer requirement for a lint
Say we instead wanted to mandate a major version bump if #[must_use]
is added.
We'd add the following to our package's Cargo.toml
file:
[package.metadata.cargo-semver-checks.lints]
function_must_use_added = { required-update = "major" }
Of course, it's possible to combine level
and required-update
settings.
For example, the following will make the function_must_use_added
cause warnings (instead of errors) whenever #[must_use]
is added without a major version bump:
[package.metadata.cargo-semver-checks.lints]
function_must_use_added = { level = "warn", required-update = "major" }
Example: Configuring lints for an entire workspace
cargo-semver-checks
allows defining your lint configuration at the workspace level, and reusing it in each of your crates.
First, add your configuration to the workspace root Cargo.toml
, noting the workspace.metadata
prefix instead of package.metadata
:
[workspace.metadata.cargo-semver-checks.lints]
function_must_use_added = { level = "warn" }
Then, to opt into the workspace configuration in individual packages, add either one of these keys to that package's Cargo.toml
:
[package.metadata.cargo-semver-checks.lints]
workspace = true
or, if your workspace already configures workspace-level lints (e.g. for clippy) at [workspace.lints]
,
[lints]
workspace = true
Using the lints.workspace
key will cause a cargo error if it is set and there is no [workspace.lints]
table in the workspace Cargo.toml. We support the lints.workspace
key to ease our transition toward merging cargo-semver-checks
into cargo
itself.
Setting workspace = false
is not valid configuration for either of these keys. To have a package opt-out from the workspace's lints configuration, omit both keys entirely from the package's Cargo.toml
.
Example: Overriding workspace configuration
When workspace = true
is set, it is still possible to override individual lint settings in a package.
Rule of thumb: for each config option of each lint,
- the workspace configuration overrides the lint's defaults, and
- the package's configuration overrides both of the above.
For example, if we have in the workspace Cargo.toml
:
[workspace.metadata.cargo-semver-checks.lints]
function_missing = { level = "warn", required-update = "minor" }
trait_now_doc_hidden = "warn"
function_must_use_added = "warn"
and in the package Cargo.toml
:
[package.metadata.cargo-semver-checks.lints]
workspace = true
function_missing = "deny"
trait_now_doc_hidden = { required-update = "minor" }
Here's the final configuration for that package:
- For
function_missing
:- The built-in defaults are
level = "deny", required-update = "major"
. - The workspace overrides both to
level = "warn", required-update = "minor"
. - The package opts into the workspace's configuration with
workspace = true
, then overrides tolevel = "deny"
. - The final config:
level = "deny", required-update = "minor"
.
- The built-in defaults are
- For
trait_now_doc_hidden
:- The built-in defaults are
level = "deny", required-update = "major"
. - The workspace overrides
level = warn"
, leavingrequired-update
unchanged. - The package opts into the workspace's configuration with
workspace = true
, then setsrequired-update = "minor"
. - The final config:
level = "deny", required-update = "minor"
.
- The built-in defaults are
- For
function_must_use_added
:- The built-in defaults are
level = "deny", required-update = "minor"
. - The workspace overrides
level = "warn"
, leavingrequired-update
unchanged. - The package opts into the workspace's configuration with
workspace = true
. - The final config:
level = "warn", required-update = "minor"
.
- The built-in defaults are
Common configurations: Make #[must_use]
lints warn-only
In the default configuration, cargo-semver-checks
considers it an error to add #[must_use]
attributes in patch versions.
The rationale is that such an addition risks introducing new lints in downstream projects, and many projects consider lints as errors and may be broken as a result.
(Whether that setting is good practice for widespread use or not is outside the scope of cargo-semver-checks
.)
To downgrade all lints related to #[must_use]
from error to warnings, add the following lines to the cargo-semver-checks
configuration in your package or workspace:
function_must_use_added = "warn"
inherent_method_must_use_added = "warn"
struct_must_use_added = "warn"
enum_must_use_added = "warn"
trait_must_use_added = "warn"
union_must_use_added = "warn"
Common configurations: Disable #[must_use]
lints entirely
To skip checking #[must_use]
-related lints entirely, apply the following configuration to your package or workspace:
function_must_use_added = "allow"
inherent_method_must_use_added = "allow"
struct_must_use_added = "allow"
enum_must_use_added = "allow"
trait_must_use_added = "allow"
union_must_use_added = "allow"
Implementation details & limitations
When checking a package, cargo-semver-checks
uses the manifest of the current subject's Cargo.toml
file (plus its workspace configuration, if opted in).
Configuration set in the baseline version of the package (the version being compared against, such as an existing version published on crates.io) is not read and has no effect. This is because when publishing a new version, it makes sense to use the new version's configuration instead of any prior configuration.
When the --manifest-path
option is used to specify the subject package's Cargo.toml
file, that's also the file from which configuration is loaded. If that CLI flag is not specified, cargo-semver-checks
will by default attempt to find and use a Cargo.toml
file that belongs to the current directory.
If cargo-semver-checks
is executed in a way that skips reading the current manifest (such as with the --current-rustdoc
flag), it is currently not possible to configure lints. Interest in, and progress toward resolving this limitation is tracked in this issue.
Troubleshooting
This section documents common issues and the best ways to resolve them.
Running cargo install cargo-semver-checks --locked
produces an error
Recommendation: use cargo-binstall
to download a prebuilt binary if one is available for your platform, rather than compiling from scratch.
Specific errors and their resolutions:
- "error: failed to run custom build command for
libz-ng-sys vX.Y.Z
"- Preferred resolution: use a prebuilt binary to avoid this problem entirely.
- This error is caused by missing
cmake
on your system, which is required by a transitive dependency ofcargo-semver-checks
.cargo
does not currently offer a mechanism for such a binary dependency to be declared as required, nor automatically installed when needed. - You can usually install it via a command like
apt install cmake
orbrew install cmake
, depending on your platform.
Visual Design
Logo by NUMI:
License
Available under the Apache License (Version 2.0) or the MIT license, at your option.
Copyright 2022-present Predrag Gruevski and Project Contributors. The present date is determined by the timestamp of the most recent commit in the repository. Project Contributors are all authors and committers of commits in the repository.