Dart: pub get vs pub upgrade

Question

According to the pub get docs the main difference between pub get and pub upgrade is:

If a lockfile already exists, pub get uses the versions of dependencies locked in it if possible. If a dependency isn’t locked, pub will get the latest version of that dependency that satisfies all the version constraints. This is the primary difference between pub get and pub upgrade, which always tries to get the latest versions of all dependencies.

But this leaves me with a few questions.

1. What do they mean by "If a dependency isn't locked...? Locked?!? Like in version control? File system lock? What is this lock of which they speak?
2. Still not clearly understanding the difference between these two commands. Are they saying that pub get takes version constraints into account, and that pub upgrade doesn't?

Answer 1

It is locked when the pubspec.lock file contains an entry for this dependency. You can change the dependency in pubspec.lock manually to specify exactly what version you want to use. pub upgrade checks for the newest version that fits your pubspec.yaml configuration and updates your pubspec.lock file automatically.

when pubspec.lock is checked in with your package code in a CVS repository you are able to later reproduce the exact same setup as you had when you checked in your code even when your pubspec.yaml allowed a wider range of versions for a dependency.

see also

• Upgrading a dependency
• In Dart and Pub, should I add pubspec.lock to my .gitignore?