How do I resolve a cyclic dependency in Cargo?

Question

I have the crates oauth2 (v4.1.0) and sqlx[json] (v0.5.5):

[dependencies]
oauth2 = "4.1.0"
sqlx = { version = "0.5.5", features = ["json"] }

When attempting to build, I am getting the following error:

error: cyclic package dependency: package `ahash v0.7.4` depends on itself. Cycle:
package `ahash v0.7.4`
    ... which is depended on by `hashbrown v0.11.2`
    ... which is depended on by `indexmap v1.7.0`
    ... which is depended on by `serde_json v1.0.64`
    ... which is depended on by `wasm-bindgen v0.2.74`
    ... which is depended on by `js-sys v0.3.51`
    ... which is depended on by `getrandom v0.2.3`
    ... which is depended on by `ahash v0.7.4`

This only happens when I activate the json feature flag on sqlx. How do I troubleshoot this kind of problem? Are there any workarounds to make these libs/features work together? What are the alternatives?

Answer 1

After trying a few things back and forth, the only solution I found, was to update the lockfile to the latest version, using:

cargo update

After that, cargo clean && cargo build worked like a charm! Seems like some older patch versions seem to have conflicts, but the changes in the Cargo.lock were too big to track down, which crate combination it was. I hope that helps anybody else!

EDIT: After more communication and searching, I got referred to an issue directly at the ahash github project: https://github.com/tkaitchuck/aHash/issues/95.

According to that, the actual official "workaround" was / is, to pin the indexmap crate to:

indexmap = "=1.6.2"

However when looking into my Cargo.lock file, it seems to work with now:

indexmap = "1.7"