I'm setting up a Rust server with Rocket and I'm trying to use it with a JWT library. They use different versions of the *ring* crate and I get an error during cargo build:
error: multiple packages link to native library `ring-asm`, but a native library can be linked only once
package `ring v0.12.1`
... which is depended on by `jsonwebtoken v4.0.1`
... which is depended on by `auther v0.1.0 (file:///home/drpytho/x/downloadble/auther)`
links to native library `ring-asm`
package `ring v0.11.0`
... which is depended on by `cookie v0.9.2`
... which is depended on by `rocket v0.3.6`
... which is depended on by `rocket_codegen v0.3.6`
... which is depended on by `auther v0.1.0 (file:///home/drpytho/x/downloadble/auther)`
also links to native library `ring-asm`
My Cargo.toml
[package]
name = "auther"
version = "0.1.0"
authors = ["Name <Email#mail.se>"]
[dependencies]
rocket = "0.3.6"
rocket_codegen = "0.3.6"
jsonwebtoken = "4"
serde_derive = "1"
serde = "1"
I read that you are supposed to fix the mismatching dependencies in your Cargo file, but I can't figure out how to do it.
You have to fix this by not transitively depending on different versions of crates that link to a native library.
There's no newer version of rocket available that depends on version 0.10 of cookie, which depends on ring 0.12, so you'll need to downgrade jsonwebtoken to 2.0.3.
You can work this out by checking the crates.io pages for the crates in question (like with jsonwebtoken), going back through older versions, and looking to see what dependencies it needs.
Related
error: failed to select a version for `syn`. \
... required by package `serde_derive v1.0.125`\
... which satisfies dependency `serde_derive = "=1.0.125"` of package `serde v1.0.125`
... which satisfies dependency `serde = "^1.0.125"` of package `mongodb v2.1.0`\
... which satisfies dependency `mongodb = "^2.1"` of package `wagmeet v0.1.0
\(/mnt/e/College/Eighth Semester/Crypto_Capable/wagmeet_app)`\
versions that meet the requirements `^1.0.60` are: 1.0.86, 1.0.85, 1.0.84, 1.0.83, 1.0.82, 1.0.81, 1.0.80, 1.0.79, 1.0.78, 1.0.77, 1.0.76, 1.0.75, 1.0.74, 1.0.73, 1.0.72, 1.0.71, 1.0.70, 1.0.69, 1.0.68, 1.0.67, 1.0.66, 1.0.65, 1.0.64, 1.0.63, 1.0.62, 1.0.61, 1.0.60
all possible versions conflict with previously selected packages.
previously selected package `syn v1.0.57`\
... which satisfies dependency `syn = "=1.0.57"`
\ of package `near-sdk-core v3.0.1`
... which satisfies dependency `near-sdk-core = "=3.0.1"` of package `near-sdk-macros v3.0.1` \
... which satisfies dependency `near-sdk-macros = "=3.0.1"` \ of package `near-sdk v3.0.1`
... which satisfies dependency `near-sdk = "^3"` of package `wagmeet v0.1.0 `\
failed to select a version for `syn` which could resolve this conflict
Cargo.toml file
[package]
name = "wagmeet"
version = "0.1.0"
edition = "2021"
[lib]
crate-type = ["rlib","cdylib"]
[dependencies]
near-sdk = "^3.1.0"
near-contract-standards = "^3.1.1"
mongodb = "2.0.0"
bson = { version = "2", features = ["chrono-0_4"] } # Needed for using chrono datetime in doc
tokio = "1"
chrono = "0.4" # Used for setting DateTimes
serde = "1"
serde_derive = "1.0.135"
Update
added the cargo.toml file
I have tried various versions nothing seems to be working for now. Is mongoDb even compatible with Near protocol?
There is a conflict between two of your dependencies: near-sdk requires exactly syn version 1.0.57, and mongodb requires at least syn version 1.0.60. Clearly both cannot exist together.
You have few solutions:
Patch near-sdk to support later syn versions. This is usually not recommended.
Upgrade near-sdk to the pre-release 4.0.0 (currently 4.0.0-pre.7) that supports later syn versions. This is an unstable version, and may break.
Downgrade mongodb to a version that supports syn version 1.0.57. The latest version that supports that is 1.2.5, so you need to specify in your Cargo.toml mongodb = "=1.2.5". But this relies on an old, unsupported version.
There is no "best solution". All solutions are bad. I would probably upgrade near-sdk to 4.0.0, but what to do depends on your needs.
Try the following methods...
check your patched dependencies are pointed to the correct source repository
if you use other project's Cargo.lock or change some dependencies as you go, remove target folder and build again
check compilation logs for incorrect dependency paths!
update your Rust
delete .cargo and .rustup directories
I have the crates oauth2 (v4.1.0) and sqlx[json] (v0.5.5):
[dependencies]
oauth2 = "4.1.0"
sqlx = { version = "0.5.5", features = ["json"] }
When attempting to build, I am getting the following error:
error: cyclic package dependency: package `ahash v0.7.4` depends on itself. Cycle:
package `ahash v0.7.4`
... which is depended on by `hashbrown v0.11.2`
... which is depended on by `indexmap v1.7.0`
... which is depended on by `serde_json v1.0.64`
... which is depended on by `wasm-bindgen v0.2.74`
... which is depended on by `js-sys v0.3.51`
... which is depended on by `getrandom v0.2.3`
... which is depended on by `ahash v0.7.4`
This only happens when I activate the json feature flag on sqlx. How do I troubleshoot this kind of problem? Are there any workarounds to make these libs/features work together? What are the alternatives?
After trying a few things back and forth, the only solution I found, was to update the lockfile to the latest version, using:
cargo update
After that, cargo clean && cargo build worked like a charm! Seems like some older patch versions seem to have conflicts, but the changes in the Cargo.lock were too big to track down, which crate combination it was. I hope that helps anybody else!
EDIT: After more communication and searching, I got referred to an issue directly at the ahash github project: https://github.com/tkaitchuck/aHash/issues/95.
According to that, the actual official "workaround" was / is, to pin the indexmap crate to:
indexmap = "=1.6.2"
However when looking into my Cargo.lock file, it seems to work with now:
indexmap = "1.7"
I'm trying to use the jlrs crate (v0.6),
which depends on jl-sys version 0.8,
which depends on bindgen version 0.54.1,
which is yanked.
When I run cargo update it says:
Updating crates.io index
error: failed to select a version for the requirement `bindgen = "^0.54.1"`
candidate versions found which didn't match: 0.55.1, 0.55.0, 0.54.0, ...
location searched: crates.io index
required by package `jl-sys v0.8.0`
... which is depended on by `jlrs v0.6.0`
So far as I can see, jl-sys requires exactly bindgen version 0.54.1, which has been yanked. Is there an easy way to persuade it to use a newer version?
#Herotar was right about the [patch] section being what I needed.
First I checked out https://github.com/Taaitaaiger/jlrs which contains the jl-sys source. Then I bumped the version of bindgen referenced in jl-sys to 0.55
Modified my Cargo.toml like this
[dependencies]
jlrs = "0.6"
jl-sys = "0.8.0"
[patch.crates-io]
jl-sys = { path = '/home/me/jlrs/jl_sys' }
Then it all worked.
I'm following this tutorial here and have also looked into Rocket's official guide of setting up a web server.
I've set as default the nightly builds. But I get the following error:
error: failed to select a version for the requirement `ring = "^0.11.0"`
candidate versions found which didn't match: 0.16.11, 0.16.10, 0.16.9, ...
location searched: crates.io index
required by package `cookie v0.9.1`
... which is depended on by `rocket v0.3.6`
... which is depended on by `my-project`
Obviously there's some mismatch with the dependencies, but since ring is something required by the framework itself, I'm not sure how to debug this... furthermore, I'm using the latest versions of cargo and rust:
cargo 1.43.0-nightly (... 2020-02-18)
rustc 1.43.0-nightly (... 2020-02-21)
ring v0.11.0 was yanked from crates.io (see this issue for some background). Since some versions rocket depended on versions of ring that were yanked, those versions of rocket will no longer work.
Upgrading to rocket v0.4.0 (or the latest v0.4.2) should solve this issue.
I'm facing this problem when I try to cargo build:
error: native library openssl is being linked to by more than one version of the same package, but it can only be linked once; try updating or pinning your dependencies to ensure that this package only shows up once
openssl-sys v0.6.7
openssl-sys v0.7.13
Cargo and Rust versions:
$ cargo --version
cargo 0.11.0-nightly (3ff108a 2016-05-24)
$ rustc --version
rustc 1.11.0-nightly (7746a334d 2016-05-28)
Files:
Cargo.toml
Cargo.lock
can't get why this doesn't compile and how to solve this problem.
Thank you!
The way that linking works, you can only have a single version of a native library linked, otherwise you end up with duplicate symbols. Cargo's links manifest key helps prevent you from accidentally linking to the same set of symbols twice.
To solve it, you need to read through your Cargo.lock (it's not a difficult file format to understand). Find the crates that have the offending library as a dependency and note which ones have conflicting versions.
Then you have to manually resolve your dependencies so that their dependencies use the same version of the native library.
In this case, the important aspects of the dependency chain are:
server (0.0.1) => cookie (0.2.4) => openssl (0.7.13)
=> hyper (0.6.16) => cookie (0.1.21) => openssl (0.6.7)
To fix it, modify your Cargo.toml to use the same version of cookie as hyper. Then you will implicitly get the same version of openssl.
To be honest, this is one of the roughest parts of Rust at the moment. At least this version of the "multiple different versions of the same crate" strangeness provides a straight-forward Cargo error.