Skip to content

feat(release): major-bump no-commit crates on direct dependency major bumps#2195

Merged
iunanua merged 8 commits into
mainfrom
igor/versioning/do-not-skip-crates-without-commits
Jul 6, 2026
Merged

feat(release): major-bump no-commit crates on direct dependency major bumps#2195
iunanua merged 8 commits into
mainfrom
igor/versioning/do-not-skip-crates-without-commits

Conversation

@iunanua

@iunanua iunanua commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

What

Release-proposal crates with no commits since their last release are no longer skipped outright. They are now recorded as pending candidates and released as major when a direct libdd-* dependency's major requirement changed since their last tag — using the same audit (major-bumps-level.sh) that already runs for released crates.

Why

When a dependency (e.g. libdd-common) is released major, cargo-release rewrites dependents' Cargo.toml requirements via a chore(release) bot commit. commits-since-release.sh filters those commits out, so the dependent looks "no-commit" → it was continued in Release version bumps → it never reached /tmp/api-changes.json → the major-bump audit (which only read that file) could never propagate the major bump to it.

How

  • Record instead of skip — a no-commit crate is written to a new /tmp/pending-major-only.json with pending_release: "true" (keeping prev_tag, version, path), rather than dropped.
  • Relaxed step-1 "no changes" guard — it no longer cancels when pending candidates exist; the changelog step's own guard remains the final backstop for a truly empty release.
  • Merged audit — the major-bump step audits api-changes.json + pending, seeds the result with already-released crates, then bumps to major (append for pending, update-in-place for released) via one unified path.
  • Minimal CHANGELOG entry — since these crates have no commits for git-cliff, a small entry noting the dependency bump(s) is prepended above the newest section.

Scope notes

  • Uses the existing detection (main-tip manifest vs prev_tag), so it catches already-merged dependency majors not yet propagated — "like the others". In-proposal propagation (a dep majored within the same run) is not handled here, and wasn't before either.
  • The "tag is not the latest" skip is untouched — it only affects crates with commits, and the no-commit check runs first.

Testing

YAML validated; the jq merge/seed/append and awk changelog-prepend logic were unit-tested in isolation. The full workflow requires the CI runner + org tokens and was not run locally.

🤖 Generated with Claude Code

… bumps

Crates with no commits since their last release were skipped entirely in the
release proposal, so the libdd-* major-bump audit (which only read the released
crates) could never propagate a major bump to them. This is a common case: a
dependency's release rewrites dependents' Cargo.toml via a chore(release) bot
commit, which commits-since-release.sh filters out, making the dependent look
"no-commit".

No-commit crates are now recorded as pending candidates and fed into the same
major-bump audit. They are released as major only when a direct libdd-*
dependency's major requirement changed since their last tag; otherwise they stay
skipped as before. A minimal CHANGELOG entry recording the dependency bump is
written since git-cliff has no commits to work with.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@datadog-datadog-prod-us1-2

datadog-datadog-prod-us1-2 Bot commented Jul 3, 2026

Copy link
Copy Markdown

Tests

🎉 All green!

🧪 All tests passed
❄️ No new flaky tests detected

🎯 Code Coverage (details)
Patch Coverage: 100.00%
Overall Coverage: 74.41% (-0.02%)

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 0a83f67 | Docs | Datadog PR Page | Give us feedback!

@dd-octo-sts

dd-octo-sts Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Artifact Size Benchmark Report

aarch64-alpine-linux-musl
Artifact Baseline Commit Change
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.a 85.91 MB 85.91 MB 0% (0 B) 👌
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.so 7.88 MB 7.88 MB 0% (0 B) 👌
aarch64-unknown-linux-gnu
Artifact Baseline Commit Change
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.so 10.61 MB 10.61 MB 0% (0 B) 👌
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.a 97.11 MB 97.11 MB 0% (0 B) 👌
libdatadog-x64-windows
Artifact Baseline Commit Change
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.dll 25.46 MB 25.46 MB 0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.lib 88.44 KB 88.44 KB 0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.pdb 184.60 MB 184.60 MB 0% (0 B) 👌
/libdatadog-x64-windows/debug/static/datadog_profiling_ffi.lib 946.34 MB 946.34 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.dll 8.32 MB 8.32 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.lib 88.44 KB 88.44 KB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.pdb 24.62 MB 24.62 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/static/datadog_profiling_ffi.lib 49.04 MB 49.04 MB 0% (0 B) 👌
libdatadog-x86-windows
Artifact Baseline Commit Change
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.dll 22.06 MB 22.06 MB 0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.lib 89.82 KB 89.82 KB 0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.pdb 188.62 MB 188.62 MB 0% (0 B) 👌
/libdatadog-x86-windows/debug/static/datadog_profiling_ffi.lib 935.31 MB 935.31 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.dll 6.43 MB 6.43 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.lib 89.82 KB 89.82 KB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.pdb 26.43 MB 26.43 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/static/datadog_profiling_ffi.lib 46.65 MB 46.65 MB 0% (0 B) 👌
x86_64-alpine-linux-musl
Artifact Baseline Commit Change
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.a 76.59 MB 76.59 MB 0% (0 B) 👌
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.so 8.78 MB 8.78 MB 0% (0 B) 👌
x86_64-unknown-linux-gnu
Artifact Baseline Commit Change
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.a 92.11 MB 92.11 MB 0% (0 B) 👌
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.so 10.69 MB 10.69 MB 0% (0 B) 👌

iunanua and others added 4 commits July 6, 2026 09:44
The octo-sts trust policy does not allow testing branches to mint a token, so
bypass_standard_checks runs failed at every token use. Now, when bypassing:
- check-membership is skipped entirely (and cargo-release runs when that job is
  skipped, but never when it actually failed);
- git signing config and gh pr create fall back to the default GITHUB_TOKEN;
- the verified commit-headless push is replaced by a plain git push (local,
  unverified SHAs), which is acceptable for testing runs.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
A skipped check-membership (bypass runs) propagates its "skipped" status
transitively through cargo-release to create-pr, which still used the implicit
success() gate and was skipped even though its direct needs succeeded. Gate
create-pr on its direct needs' results instead.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The default GITHUB_TOKEN used on bypass runs cannot open a PR when the org
disables "Allow GitHub Actions to create and approve pull requests", and testing
branches cannot mint an octo-sts token. Rather than branch on the input, always
attempt gh pr create and, on failure, print a prefilled compare URL and the PR
body to the job summary without failing the job (the branch is already pushed).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The minimal CHANGELOG entry written for crates released solely due to a direct
dependency major bump used a plain "## <version> - <date>" header, unlike
git-cliff entries which link the version to a compare view. Match git-cliff's
format: "## [<version>](.../compare/<prev_tag>..<new_tag>) - <date>".

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@iunanua iunanua marked this pull request as ready for review July 6, 2026 12:25
@iunanua iunanua requested a review from a team as a code owner July 6, 2026 12:25

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 508322ec84

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/workflows/release-proposal-dispatch.yml Outdated
Comment thread .github/workflows/release-proposal-dispatch.yml
Comment thread .github/workflows/release-proposal-dispatch.yml
iunanua and others added 3 commits July 6, 2026 15:31
Wrapping gh pr create in an if turned every failure into a warning, so a
standard run could go green with the release/proposal branches pushed and no PR
(cleanup-on-failure never fires). Keep attempting unconditionally, but only fall
back to printing a manual compare link when bypass_standard_checks is true;
standard runs fail so cleanup and retry behavior stay visible.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The major-bump audit ran in a worktree checked out at github.sha (current main),
so for a hotfix or older-ref release a pending no-commit crate could be
major-bumped due to a dependency requirement change present on main but not in
the branch being released. Check the audit worktree out at the release ref
(the ephemeral release-branch tip saved in /tmp/release_head_sha) instead; this
is a no-op when the release is cut from main tip.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
cargo-release accepted a skipped check-membership unconditionally. In a
non-bypass run where check-proposal-ongoing fails (an existing release branch is
found), check-membership is skipped because its dependency failed, and that
skipped result wrongly satisfied the condition, defeating the ongoing-release
guard. Require check-proposal-ongoing to have succeeded and only accept a
skipped membership when bypass_standard_checks is true.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@iunanua iunanua merged commit e422056 into main Jul 6, 2026
59 checks passed
@iunanua iunanua deleted the igor/versioning/do-not-skip-crates-without-commits branch July 6, 2026 14:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants