Currently, binary dependencies are automatically installed by cargo-make. This is fine for personal builds, but it comes with two issues for CI:
- It will automatically install the newer version of binaries than the one specified
- It won't use the lockfile, leading to using newer version of the binarie's dependencies
Both can cause reproducibility to suffer. Currently, xargo and cargo-make are built with a specified version and lockfile separately, but it's not the case for mkisofs-rs or cargo-travis. Ideally, it'd be nice to have a flag we can use to tell cargo-make to enforce the installation of the version specified, and using the lockfile. I filed sagiegurari/cargo-make#381 on this topic.
Currently, binary dependencies are automatically installed by cargo-make. This is fine for personal builds, but it comes with two issues for CI:
Both can cause reproducibility to suffer. Currently, xargo and cargo-make are built with a specified version and lockfile separately, but it's not the case for mkisofs-rs or cargo-travis. Ideally, it'd be nice to have a flag we can use to tell cargo-make to enforce the installation of the version specified, and using the lockfile. I filed sagiegurari/cargo-make#381 on this topic.