diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 45f32c81..e7ebfca2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -140,7 +140,7 @@ cargo test --test Reproduce the benchmark regression gate locally without checking out `main` in place: ```bash -cargo install critcmp --version 0.1.7 +cargo install --locked critcmp --version 0.1.7 bash scripts/check_benchmark_regressions.sh ``` @@ -162,7 +162,7 @@ Fuzzing helps discover crashes and panics in critical code paths like WASM parsi **Prerequisites:** Install `cargo-fuzz`: ```bash -cargo install cargo-fuzz +cargo install --locked cargo-fuzz ``` **Running a fuzz target:** diff --git a/Readme.md b/Readme.md index ee7d3abb..dfa65dbb 100644 --- a/Readme.md +++ b/Readme.md @@ -28,14 +28,16 @@ A command-line debugger for Soroban smart contracts on the Stellar network. Debu #### Using Cargo (Recommended) ```bash -cargo install soroban-debugger +cargo install --locked soroban-debugger ``` +> The `--locked` flag pins dependency versions to those tested by the maintainers, ensuring a reproducible install. + #### From Source ```bash git clone https://github.com/Timi16/soroban-debugger.git cd soroban-debugger -cargo install --path . +cargo install --locked --path . ``` ### 2. Your First Debug Run diff --git a/docs/getting-started.md b/docs/getting-started.md index dbf8bb61..170f7ced 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -12,7 +12,7 @@ If you have Rust installed, you can install the debugger directly from source or ```bash # Install from crates.io -cargo install soroban-debugger +cargo install --locked soroban-debugger ``` ### Option B: Download Pre-built Binaries diff --git a/docs/tutorials/first-debug.md b/docs/tutorials/first-debug.md index 0bc870f5..66349ae1 100644 --- a/docs/tutorials/first-debug.md +++ b/docs/tutorials/first-debug.md @@ -16,7 +16,7 @@ To step through Soroban WebAssembly (WASM) execution, you need the Soroban debug Install it via Cargo by running the following command in your terminal: ```bash -cargo install soroban-debugger +cargo install --locked soroban-debugger ``` Verify the installation was successful by checking the version: