Skip to content

Move dependencies to workspace for compiler-core crate#7874

Merged
youknowone merged 2 commits into
RustPython:mainfrom
fanninpm:move-deps-to-workspace-for-compiler-core
May 15, 2026
Merged

Move dependencies to workspace for compiler-core crate#7874
youknowone merged 2 commits into
RustPython:mainfrom
fanninpm:move-deps-to-workspace-for-compiler-core

Conversation

@fanninpm
Copy link
Copy Markdown
Contributor

@fanninpm fanninpm commented May 15, 2026
edited by coderabbitai Bot
Loading

cc @ShaharNaveh

Summary by CodeRabbit

  • Chores
    • Consolidated internal dependency configuration for improved version management consistency.

Review Change Stack

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented May 15, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This PR consolidates the lz4_flex dependency to be managed at the workspace level. Version 0.13 is added to the root Cargo.toml workspace dependencies, and the compiler-core crate is updated to reference it via workspace inheritance instead of pinning the version locally.

Changes

Workspace Dependency Consolidation

Layer / File(s) Summary
Move lz4_flex to workspace-managed dependencies
Cargo.toml, crates/compiler-core/Cargo.toml		 lz4_flex = "0.13" is added to [workspace.dependencies], and crates/compiler-core/Cargo.toml is updated to use { workspace = true } instead of a pinned version.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

Suggested reviewers

  • ShaharNaveh

Poem

🐰 In workspaces tidy, where versions align,
One place for each crate to call "this is mine,"
lz4_flex now lives at the root, clean and neat,
No duplication, no mess to delete! ✨

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly and accurately summarizes the main change: moving dependencies to the workspace for the compiler-core crate, which is precisely what the changeset accomplishes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
Cargo.toml (1)

232-232: ⚡ Quick win

Consider upgrading to lz4_flex 0.13.1 (latest patch).

Verification confirms that version 0.13 is secure (recent security advisories affect only versions < 0.11.6 and 0.12.0–0.12.0) and the workspace dependency is correctly referenced in crates/compiler-core/Cargo.toml. Update to 0.13.1 for the latest patch.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Cargo.toml` at line 232, Update the lz4_flex dependency version from "0.13"
to the latest patch "0.13.1" in Cargo.toml; locate the lz4_flex entry (the line
containing lz4_flex = "0.13") and change the version string to "0.13.1" so the
workspace and crates/compiler-core use the patched release.
🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@Cargo.toml`:
- Line 232: Update the lz4_flex dependency version from "0.13" to the latest
patch "0.13.1" in Cargo.toml; locate the lz4_flex entry (the line containing
lz4_flex = "0.13") and change the version string to "0.13.1" so the workspace
and crates/compiler-core use the patched release.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: fd890e3b-b38c-4699-b661-63b9beb4963d

📥 Commits

Reviewing files that changed from the base of the PR and between 11e991f and 7c2ee5a.

📒 Files selected for processing (2)
  • Cargo.toml
  • crates/compiler-core/Cargo.toml

@youknowone youknowone merged commit e467b67 into RustPython:main May 15, 2026
25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@youknowone youknowone youknowone approved these changes

@ShaharNaveh ShaharNaveh ShaharNaveh approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fanninpm @youknowone @ShaharNaveh