Skip to content

Add CI check to detect dependency changes that may affect downstream users #4526

@drganjoo

Description

@drganjoo

Summary

When a crate removes a dependency or removes a feature flag on an existing dependency, downstream users who relied on transitive feature enablement may encounter compilation errors. We should add a CI check to detect such changes and ensure they are documented in release notes.

Background

Rust's feature unification combines all features across the dependency graph. If crate A depends on crate B with feature X enabled, users of A also get feature X on B without explicitly requesting it.

Two types of changes can break downstream users:

  1. Removing a dependency that was enabling features on other crates
  2. Removing a feature flag on an existing dependency

In both cases, users see cryptic compilation errors that do not indicate a missing feature flag is the root cause.

Proposed Action

  1. Add a CI check that parses Cargo.toml diffs and detects:
    • Removed dependencies
    • Removed features on existing dependencies
  2. When such changes are detected, verify that a corresponding changelog entry exists
  3. Fail the CI check if the changelog does not document the change

Acceptance Criteria

  • CI check detects removed dependencies in Cargo.toml
  • CI check detects removed features on existing dependencies
  • CI check verifies a changelog entry exists for detected changes
  • CI check fails if changelog entry is missing, passes otherwise

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions