Version 2.11.3

[tdimitrov]

Bump the version of the crate to 2.11.3 and add Cargo.lock under version control.

[niklasad1]

No, this is wrong scale-info is just a library and Cargo.lock doesn't matter.

Thus, revert this please

[tdimitrov]

I just had exactly the opposite conversation with @ascjones.

Bottom line - I'll revert Cargo.lock and keep the comment. Okay @ascjones ?

[jsdw]

TIL: Nowadays the argument is that there are pros and cons either way. (see https://blog.rust-lang.org/2023/08/29/committing-lockfiles.html)

Basically, the pros of keeping it are that one knows the precise deps the thing was tested against and can workout which dep updates may have broken something (if they do). The cons are that packages pulling in scale-info will ignore the lockfile, so you want to make sure not to be only testing what's in the lockfile in CI.

So, we can start committing the lockfile if we like, but in that case I'd prob suggest adding a step involving a cargo update to CI (maybe as a nightly thing) to make sure the latest versions of things work over time. Edit: Or maybe just having dependabot tryingto update the lockfile deps every now and then is enough?