semvercrate that is currently lacking this
overlapAPI. Another way to ensure that is to force that only the latest patched version has
>=prefix, and others have
^(semver compatible). In this case there was another bug, namely, the requirement were listed as one string, not two. Not sure how to prevent it from happening in future other than implement a custom semver parser.
Cargo.lockunless the relevant feature of the dependent crate is enabled
lazy_staticusers (I just checked some of my own projects that use
safe-transmute 0.4.0or something
rustsec-test-advisorykeyword and category are tests", because you could get a fair intuition about what it means just by looking