Dependencies in pre-release should always use fixed version

[yozhgoor]

Problem

If you use a dependency with a pre-release version (like "0.1.0-alpha"), you'll need to use a fixed version ("=0.1.0-alpha") to avoid bump on the pre-release version.

As you can see in the sem ver doc:

A pre-release version indicates that the version is unstable and might not satisfy the intended compatibility requirements as denoted by its associated normal version.

Steps

Using a depency in pre-release version, the dependency need to bump to a new pre-release version with some breaking change compared to the old one.

Possible Solution(s)

Use a fixed version by default to avoid this pitfall. This can be really silent.

Notes

I had that situation where i was using clap = "3.0.0-beta.2" as a dependency, few days ago someone opened an issue because cargo install wasn't working.
I tried myself and seen that i was trying to compile clap = "3.0.0-beta.5, this version change imports for the derive macro of clap. The program can't compile, so no one can install it

Version

cargo 1.56.0 (4ed5d137b 2021-10-04)
release: 1.56.0
commit-hash: 4ed5d137baff5eccf1bae5a7b2ae4b57efad4a7d
commit-date: 2021-10-04

[ehuss]

Thanks for the report! I think this is essentially covered in #2222, so closing as a duplicate of that. I think this is somewhat of an undecided issue, but if you want a specific version, I suggest using = or use --locked with cargo install. Feel free to leave a comment on that issue with your use case and experience.