Skip to content

chore(deps): Update dependencies (20250610) #7229

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 11, 2025
Merged

chore(deps): Update dependencies (20250610) #7229

merged 2 commits into from
Jun 11, 2025

Conversation

Teebor-Choka
Copy link
Contributor

@Teebor-Choka Teebor-Choka commented Jun 10, 2025
edited
Loading

This pull request updates various dependencies across multiple Cargo.toml and pyproject.toml files to newer versions, ensuring compatibility and incorporating the latest features and fixes. The changes primarily focus on dependency version upgrades and maintaining consistency across the project.

Dependency Updates in Rust (Cargo.toml files):

  • Updated async-std to version 1.13.1 with additional features (attributes, unstable) and made it optional in common/async-runtime/Cargo.toml.
  • Upgraded opentelemetry and related dependencies (opentelemetry-otlp, opentelemetry_sdk, tracing-opentelemetry) to version 0.30.0 and 0.31.0 respectively.
  • Updated tower-http to version 0.6.6 in hoprd/rest-api/Cargo.toml with features for request validation, compression, and CORS.
  • Incremented versions of cfg-if, clap, petgraph, reqwest, and sea-query to their latest releases for improved functionality and bug fixes. [1] [2] [3]

Dependency Updates in Python (pyproject.toml files):

  • Updated aiohttp to version 3.12.12 and cryptography to version 45.0.4 in sdk/python/api/pyproject.toml to address security and compatibility improvements.
  • Incremented the version of ruff to 0.11.13 in the dev dependency group in pyproject.toml.

@Teebor-Choka Teebor-Choka added this to the 3.0.0 milestone Jun 10, 2025
@Teebor-Choka Teebor-Choka requested a review from a team June 10, 2025 19:51
@Teebor-Choka Teebor-Choka self-assigned this Jun 10, 2025
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jun 10, 2025
edited
Loading

📝 Walkthrough

Walkthrough

This update modifies dependency versions across multiple Cargo.toml and pyproject.toml files. Several Rust dependencies are upgraded or removed, notably the removal of async-std and async-std-resolver in the main Cargo.toml, and an explicit version pinning for async-std in a sub-crate. Python dependencies are also updated to newer minimum versions.

Changes

File(s) Change Summary
Cargo.toml Removed async-std and async-std-resolver; upgraded several dependencies to newer versions.
common/async-runtime/Cargo.toml Changed async-std from workspace-relative to explicit version with features; no code changes.
hoprd/rest-api/Cargo.toml Upgraded tower-http from 0.6.4 to 0.6.6; feature set unchanged.
pyproject.toml Updated ruff dev dependency minimum version from 0.11.11 to 0.11.13.
sdk/python/api/pyproject.toml Increased minimum versions: aiohttp to 3.12.12, cryptography to 45.0.4.

Sequence Diagram(s)

No sequence diagram generated as the changes are limited to dependency version updates and removals, with no modifications to control flow or feature logic.

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9165547 and 7ff35b9.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (5)
  • Cargo.toml (3 hunks)
  • common/async-runtime/Cargo.toml (1 hunks)
  • hoprd/rest-api/Cargo.toml (1 hunks)
  • pyproject.toml (1 hunks)
  • sdk/python/api/pyproject.toml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (7)
  • GitHub Check: hoprd / docker
  • GitHub Check: Docs / Rust docs
  • GitHub Check: zizmor
  • GitHub Check: Build Candidate Binaries (hoprd)
  • GitHub Check: tests-unit
  • GitHub Check: Linter
  • GitHub Check: tests-unit-nightly
🔇 Additional comments (11)
pyproject.toml (1)

18-18: Confirm ruff version bump
The development dependency ruff has been upgraded to >=0.11.13. Ensure the new linter version is compatible with existing rules and that CI linting passes.

hoprd/rest-api/Cargo.toml (1)

46-46: Verify tower-http upgrade to 0.6.6
Bumped tower-http from 0.6.4 to 0.6.6 with the same feature set. Check the changelog for any breaking changes or deprecations that could affect request validation, compression, CORS, tracing, or header handling.

sdk/python/api/pyproject.toml (1)

6-9: Validate Python SDK API dependency bumps
aiohttp was raised to >=3.12.12 and cryptography to >=45.0.4. Run the integration tests to confirm there are no compatibility regressions, especially around TLS and HTTP client behavior.

common/async-runtime/Cargo.toml (1)

20-23: Approve pinned async-std version and feature flags
Locking async-std at 1.13.1 with attributes and unstable features scopes its usage appropriately. Confirm these features are required by downstream crates and that removing the workspace-relative dependency does not break any examples or tests.

Cargo.toml (7)

78-78: Approve cfg-if patch upgrade
The cfg-if crate was bumped to 1.0.1 for minor fixes. This is a non-breaking patch release.

80-80: Approve clap minor version bump
Upgraded clap to 4.5.40. Ensure CLI parsing tests pass and no behavioral changes occurred in argument handling.

126-129: Validate OpenTelemetry crate updates
opentelemetry, opentelemetry-otlp, opentelemetry_sdk, and tracing-opentelemetry were updated to 0.30.x/0.31.x. Run end-to-end tracing scenarios to confirm exporter compatibility and trace propagation remain intact.

132-132: Approve petgraph patch update
petgraph was bumped to 0.8.2 with the serde-1 feature. This is a patch release; existing graph usages should remain unchanged.

140-140: Approve reqwest patch update
Bumped reqwest to 0.12.20. Verify HTTP client behavior and JSON handling remain stable.

145-149: Confirm sea-orm formatting change
The sea-orm declaration remains at 1.1.12 with the same features; only formatting was adjusted. No functional impact is expected.

155-155: Approve sea-query bump
Upgraded sea-query to 0.32.6. This patch release should not introduce breaking API changes.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@github-actions github-actions bot added dependencies Pull requests that update a dependency file crate:hoprd-api labels Jun 10, 2025
@Teebor-Choka Teebor-Choka force-pushed the kauki/deps/update-20250610 branch from 1cfc0ad to 7ff35b9 Compare June 10, 2025 19:56
@Teebor-Choka Teebor-Choka marked this pull request as ready for review June 10, 2025 19:56
@Copilot Copilot AI review requested due to automatic review settings June 10, 2025 19:56
@Teebor-Choka Teebor-Choka enabled auto-merge (squash) June 10, 2025 19:59
Copilot
Copilot AI reviewed Jun 10, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@Teebor-Choka Teebor-Choka changed the title Update dependencies (20250610) chore: Update dependencies (20250610) Jun 11, 2025
@Teebor-Choka Teebor-Choka changed the title chore: Update dependencies (20250610) chore(ci): Update dependencies (20250610) Jun 11, 2025
@Teebor-Choka Teebor-Choka changed the title chore(ci): Update dependencies (20250610) chore(deps): Update dependencies (20250610) Jun 11, 2025
@Teebor-Choka Teebor-Choka disabled auto-merge June 11, 2025 13:32
@Teebor-Choka Teebor-Choka merged commit bda2ef1 into master Jun 11, 2025
72 of 76 checks passed
@Teebor-Choka Teebor-Choka deleted the kauki/deps/update-20250610 branch June 11, 2025 13:32
@coderabbitai coderabbitai bot mentioned this pull request Jul 27, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Sep 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@NumberFour8 NumberFour8 NumberFour8 approved these changes

Assignees

@Teebor-Choka Teebor-Choka

Labels
crate:hoprd-api dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
3.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@Teebor-Choka @NumberFour8