cargo update: Usage, Options & Common CI Errors
Refresh your locked dependency versions.
cargo update recomputes Cargo.lock, moving dependencies to the newest versions allowed by Cargo.toml. It only edits the lockfile; it does not change Cargo.toml requirements.
What it does
Re-resolves the dependency graph against your version requirements and writes the result to Cargo.lock. Without -p it can bump everything; with -p it updates only the named package.
Common usage
cargo update # update all deps in the lock
cargo update -p serde # update just serde
cargo update -p serde --precise 1.0.200
cargo update --dry-run # show what would changeCommon CI error: silently bumped versions
Running cargo update in CI rewrites Cargo.lock so the build no longer matches what you committed, hiding breakage and defeating reproducibility. Fix: never run a bare cargo update in CI - use cargo build --locked instead, and run cargo update intentionally in a dependency-bump PR.
Options
| Flag | Effect |
|---|---|
| -p, --package <name> | Update only that package |
| --precise <ver> | Set an exact version |
| --dry-run | Print changes, do not write |
| --workspace | Update workspace members only |