chore: bump rust toolchain to 1.76 and bump dep package versions to fix security issues #1107

Merged

@Peefy Peefy commented Mar 5, 2024

1. Does this PR affect any open issues? (Y/N) and add issue references (e.g. "fix #123", "re #123"):

  • N
  • Y

security issues: https://github.com/kcl-lang/kcl/security/dependabot

chore: bump rust toolchain to 1.76 and bump dep package versions to fix security issues

2. What is the scope of this PR (e.g. component or file name):

  • .github/workflows/**.yml
  • docs/dev_guide/2.quick_start.md
  • kclvm/tools/src/LSP/Cargo.toml
  • kclvm/tools/Cargo.toml
  • kclvm/runtime/Cargo.toml
  • kclvm/api/Cargo.toml
  • kclvm/config/Cargo.toml

3. Provide a description of the PR (e.g. more details, effects, motivations or doc link):

  • Affects user behaviors
  • Contains syntax changes
  • Contains variable changes
  • Contains experimental features
  • Performance regression: Consumes more CPU
  • Performance regression: Consumes more Memory
  • Other

4. Are there any breaking changes? (Y/N) and describe the breaking changes (e.g. more details, motivations or doc link):

  • N
  • Y

5. Are there test cases for these changes? (Y/N) select and add more details, references or doc links:

  • Unit test
  • Integration test
  • Benchmark (add benchmark stats below)
  • Manual test (add detailed scripts or steps below)
  • Other

All unit and grammar test cases

…ix security issues

Signed-off-by: peefy <xpf6677@163.com>
@Peefy Peefy added the chore label Mar 5, 2024
@Peefy Peefy added this to the v0.8.0 Release milestone Mar 5, 2024
@Peefy Peefy requested review from zong-zhe and He1pa March 5, 2024 02:15
@zong-zhe zong-zhe left a comment

LGTM

@He1pa He1pa left a comment

LGTM

@coveralls
Pull Request Test Coverage Report for Build 8150056122

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 55 unchanged lines in 5 files lost coverage.
  • Overall coverage decreased (-0.06%) to 71.865%

| Files with Coverage Reduction | New Missed Lines | % |
|---|---|---|
| kclvm/api/src/service/jsonrpc.rs | 1 | 0.0% |
| kclvm/sema/src/core/scope.rs | 3 | 63.2% |
| kclvm/config/src/settings.rs | 4 | 78.08% |
| kclvm/sema/src/core/symbol.rs | 9 | 45.82% |
| kclvm/runtime/src/manifests/mod.rs | 38 | 2.56% |

Totals (Coverage Status)

  • Change from base Build 8139200011: -0.06%
  • Covered Lines: 44513
  • Relevant Lines: 61940

💛 - Coveralls

@Peefy Peefy merged commit 848478d into kcl-lang:main Mar 5, 2024
7 of 8 checks passed
@Peefy Peefy deleted the bump-toolchain-and-deps-to-fix-security-issue branch March 5, 2024 02:55
@github-actions github-actions bot locked and limited conversation to collaborators Mar 5, 2024