crypto backends during default builds of 1.13.0 from dependencies that use __implicit-crypto-backend-for-tests

(this may be related to #987 (closed)) I'm having difficulty with the automatic tests on debian of packages that depend on sequoia-openpgp 1.13.0.

This version introduced the __implicit-crypto-backend-for-tests feature, which itself is hard for me to understand, although i've read b7e1b0e5 a few times. I think sequoia's use of Rust features is cleverer than i am ☹

Let's work from a concrete example: sequoia-net 0.26.0 includes the following stanza in Cargo.toml:

# Enables a crypto backend for the tests:
[target.'cfg(not(windows))'.dev-dependencies]
sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-nettle", "__implicit-crypto-backend-for-tests"] }

and it contains no explicit dependencies on any sequoia-openpgp except for the baseline (no default features).

However, dh_auto_test by default for any crate wants to ensure that the crate itself is at least buildable.

For sequoia-net 0.26.0, it invokes the following during the package build on my quadcore amd64 machine:

env RUST_BACKTRACE=1 /usr/bin/cargo -Zavoid-dev-deps build --verbose --verbose -j4 --target x86_64-unknown-linux-gnu

This ultimately results in the following build failure:

     Running `/home/dkg/src/rust/2023-03-14/rust-sequoia-net-0.26.0/target/debug/build/sequoia-openpgp-622ac82572943ba4/build-script-build`
[sequoia-openpgp 1.13.0] No cryptographic backend selected.
[sequoia-openpgp 1.13.0] 
[sequoia-openpgp 1.13.0] Sequoia requires a cryptographic backend.  This backend is selected at compile
[sequoia-openpgp 1.13.0] time using feature flags.
[sequoia-openpgp 1.13.0] 
[sequoia-openpgp 1.13.0] See https://crates.io/crates/sequoia-openpgp#crypto-backends
error: failed to run custom build command for `sequoia-openpgp v1.13.0`

Caused by:
  process didn't exit successfully: `.../rust-sequoia-net-0.26.0/target/debug/build/sequoia-openpgp-622ac82572943ba4/build-script-build` (exit status: 1)
  --- stderr
  No cryptographic backend selected.

  Sequoia requires a cryptographic backend.  This backend is selected at compile
  time using feature flags.

  See https://crates.io/crates/sequoia-openpgp#crypto-backends

This is likely due to the -Zavoid-dev-deps during the test build: only the base sequoia-openpgp is available, so there is no default crypto dependency enabled (or compression, for that matter). (-Zavoid-dev-deps on a debian system is inserted during build by the wrapper script /usr/share/cargo/bin/cargo)

I am not sure the right way around this, but i see a few obvious options which i don't much like:

• i could override dh_auto_test to disable it entirely: this means no build-time testing
• i could override dh_auto_test with my own manual test: then i'd have to write and maintain my own build-time test for each dependent package.
• i could patch Cargo.toml to remove the default-features = false from the sequoia-openpgp dependency: this would make anything downstream of sequoia-net depend on the default crypto library though.
• i could override dh_auto_test to make it pass some additional arguments to cargo build on top of what it's already passing, but i don't know what to pass it to get it to pick a crypto backend.

Do you have other suggestions for how i should work around this issue? It looks to me like i'll run into it when updating each of sequoia-openpgp-mt, sequoia-wot, sequoia-net, sequoia-autocrypt, sequoia-ipc, as well as any other library crate that depends on them.

Is there some other way to express this attenuated dependency so that a simple cargo build of sequoia-net 0.26.0 can succeed?

I'm doing this work in debian experimental so that it doesn't interfere with the debian freeze, fwiw.