Skip to content

Dependencies cleanup #6151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
youknowone merged 8 commits into from
Sep 17, 2025
Merged

Dependencies cleanup #6151

youknowone merged 8 commits into from
Sep 17, 2025

Conversation

@ShaharNaveh
Copy link
Collaborator

@ShaharNaveh ShaharNaveh commented Sep 15, 2025
edited by coderabbitai bot
Loading

  • removed some unused dependencies
  • update some dependencies
  • be less strict on the version of dependencies

Summary by CodeRabbit

  • Chores

    • Updated many dependencies (minor/patch bumps), added a new base utility dev dependency, and removed/narrowed several workspace/dev/runtime dependencies across platforms.

  • Tests

    • Benchmarking harness updated to use improved Python GIL handling and standard-library benchmarking helpers; observable behavior unchanged.

  • Refactor

    • Dependency and workspace configuration reorganized for clarity; no public API changes.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 15, 2025
edited
Loading

Walkthrough

Workspace-wide dependency version bumps and additions, several crate Cargo.toml dependency removals/relocations, and benchmark updates replacing pyo3::Python::with_gil with pyo3::Python::attach and using std::hint::black_box; no public API changes.

Changes

Cohort / File(s) Summary of Changes
Workspace dependencies
Cargo.toml		 Bumped many dependency versions (e.g., serde, chrono, indexmap, bitflags, ahash, unicode-*, etc.); added malachite-base = "0.6"; updated dev-dependency pyo3 to "0.26" (features: ["auto-initialize"]).
Benchmarks GIL and black_box
benches/execution.rs, benches/microbenchmarks.rs		 Replaced pyo3::Python::with_gil with pyo3::Python::attach; switched black_box import to std::hint::black_box; benchmark logic otherwise unchanged.
Common crate deps cleanup
common/Cargo.toml		 Removed workspace dependencies: bstr, memchr.
Compiler dev-deps cleanup
compiler/Cargo.toml		 Removed dev-dependency rand.
Compiler core deps/lints tweak
compiler/core/Cargo.toml		 Removed serde dependency entry; adjusted placement of workspace = true relative to [lints]; EOF newline added.
Derive crate deps tweak
derive/Cargo.toml		 Removed proc-macro2 = { workspace = true }; EOF newline added.
Stdlib Windows target deps
stdlib/Cargo.toml		 Removed junction from Windows target dependencies; other Windows workspace deps unchanged.
VM crate deps refactor
vm/Cargo.toml		 Moved nix into [target.'cfg(unix)'.dependencies]; bumped optional flamer to "0.5"; removed memoffset, unicode_names2; removed Windows schannel.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Bench as Benchmark
  participant PyO3 as pyo3
  participant GIL as GIL
  participant VM as Python_VM

  Note over Bench,PyO3: New flow uses Python::attach for GIL scope
  Bench->>PyO3: Python::attach(|py| { ... })
  activate PyO3
  PyO3->>GIL: attach current thread (GIL acquired)
  activate GIL
  GIL->>VM: compile & execute Python code
  VM-->>GIL: result / error
  deactivate GIL
  PyO3-->>Bench: closure returns with result
  deactivate PyO3

  Note over Bench: Measurements use std::hint::black_box for isolation
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Suggested reviewers

  • youknowone

Poem

A nibble of deps, a hop through the bench,
I attach to the GIL with a whisker’s clench.
Black boxes hush what numbers reveal—
Versions align, the wheels all wheel.
Tap-tap my paw: cargo says “go!” 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title "Dependencies cleanup" accurately describes the main intent of this changeset, which is focused on dependency version bumps, removals, and minor workspace adjustments (see multiple Cargo.toml edits and added malachite-base). It is short, single-line, and directly related to the diff rather than including unrelated details. Reviewers scanning PR history will understand this is a dependency-maintenance change.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5098d80 and 691472c.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • Cargo.toml (3 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • Cargo.toml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
  • GitHub Check: Check Rust code with rustfmt and clippy
  • GitHub Check: Check the WASM package and demo
  • GitHub Check: Run snippets and cpython tests on wasm-wasi
  • GitHub Check: Run snippets and cpython tests (windows-2025)
  • GitHub Check: Run snippets and cpython tests (ubuntu-latest)
  • GitHub Check: Run snippets and cpython tests (macos-latest)
  • GitHub Check: Run rust tests (macos-latest)
  • GitHub Check: Run rust tests (ubuntu-latest)
  • GitHub Check: Run rust tests (windows-2025)
  • GitHub Check: Ensure compilation on various targets

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

  • Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
  • Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

youknowone
youknowone reviewed Sep 16, 2025
View reviewed changes
Cargo.toml Outdated
bstr = "1"
cfg-if = "1.0"
chrono = "0.4.39"
chrono = "0.4"
Copy link
Member

@youknowone youknowone Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are using chrono features of later versions. e.g. 0.4.10 is not compatible. This will cause dependency resolver success but build fails.

Copy link
Collaborator Author

@ShaharNaveh ShaharNaveh Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

Copy link
Member

@youknowone youknowone Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about other libraries? To remove patch version, we have to ensure it is buildable with x.y.0

Copy link
Collaborator Author

@ShaharNaveh ShaharNaveh Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good point, I'll revert. And will open a PR for base dependentabot config. this should ease the upgrade process

@youknowone youknowone merged commit 141ed72 into RustPython:main Sep 17, 2025
12 checks passed
@coderabbitai coderabbitai bot mentioned this pull request Oct 28, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Nov 14, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@youknowone youknowone youknowone approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ShaharNaveh @youknowone