WORKSPACE: bump rules_rust to 0.48.0
Change-Id: Ib2921a50e9c3273512444825054e386e57bd9ae7
Reviewed-on: https://review.monogon.dev/c/monogon/+/3304
Reviewed-by: Leopold Schabel <leo@monogon.tech>
Tested-by: Jenkins CI
diff --git a/third_party/rust/README.md b/third_party/rust/README.md
index de1ac4a..f0e2da3 100644
--- a/third_party/rust/README.md
+++ b/third_party/rust/README.md
@@ -1,17 +1,10 @@
Rust dependency management
==========================
-You will need cargo-raze installed on your host operating system, as currently building cargo-raze with Bazel [seems to be broken](https://github.com/google/cargo-raze/issues/423) (and pulls in _a lot_ of transitive dependencies).
+Dependencies are defined in Cargo.toml. Dependency syncing and updating is done in the repository rule which means it’s done during the analysis phase of builds.
- $ cargo install cargo-raze
+To render a new lock file:
-Dependencies are defined in Cargo.toml. Raze is used to lock these into concrete versions (in `//third_party/rust/cargo/Cargo.raze.lock`) and to generate BUILDfiles (in `//third_party/rust/cargo/remote/...` and `//third_party/rust/BUILD.bazel`).
+ $ CARGO_BAZEL_REPIN=1 bazel sync
-In contrast to Gazelle/go dependencies, the BUILD files for external packages are actually committed into the repository instead of being generated on demand during analysis phase. This makes Raze a bit more noisy in Git history, but vastly speeds up analysis phase, and doesn't rely on an early, pre-analysis Go toolchain that Gazelle relies on.
-
-To relock dependencies and regenerate BUILDfiles:
-
- $ cd third_party/rust/
- $ cargo raze
-
-For more information on the process, consult the official [cargo-raze documentation](https://github.com/google/cargo-raze).
+For more information on the process, consult the official [rules_rust/crate_universe documentation](https://bazelbuild.github.io/rules_rust/crate_universe.html).