rust/checksum(deps): bump uuid from 1.18.1 to 1.19.0 in /tools/checksum_updater #243
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dependabot
bot
added
automated
dependabot
bot
force-pushed
the
dependabot/cargo/tools/checksum_updater/uuid-1.19.0
branch
from
1b4d42e to
1cb6a54
Compare
Contributor
|
@dependabot rebase |
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.18.1 to 1.19.0. - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@v1.18.1...v1.19.0) --- updated-dependencies: - dependency-name: uuid dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/cargo/tools/checksum_updater/uuid-1.19.0
branch
from
1cb6a54 to
236a807
Compare
avrabe
added a commit
that referenced
this pull request
Jan 1, 2026
Bug Fixes: - format_tool_for_bzl now includes extra fields (binary_path, npm_path) from PlatformInfo in generated registry.bzl - Fixed jco toolchain "key binary_path not found" error - Added LTS version filtering for Node.js (even major versions only) - Fixed JSON validation tests for special platforms (wasm_component, universal) - Fixed validation to allow empty SHA256 (npm packages) and placeholders - Fixed version validation to allow non-semver formats (e.g., "29" for wasi-sdk) Dependency Updates (from dependabot PRs): - reqwest: 0.12 → 0.13 - wit-bindgen: 0.49.0 → 0.50.0 - tempfile: 3.23 → 3.24 - uuid: 1.18 → 1.19 - serde_json: 1.0.145 → 1.0.148 - tracing: 0.1.43 → 0.1.44 Tool Updates: - TinyGo: 0.38.0 → 0.40.1 (all 5 platforms) Closes: #285 #286 #283 #281 #276 #274 #270 #269 #243 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
4 tasks
avrabe
added a commit
that referenced
this pull request
Jan 4, 2026
…#249) (#287) * feat: implement unified tool registry for toolchain downloads (#249) Consolidates duplicate download logic across toolchains into single API: - tool_registry.detect_platform() - single platform detection - tool_registry.download() - unified download with checksum verification - Centralizes URL patterns for all tools Migrated toolchains: - wasmtime_toolchain.bzl: 180→97 lines (46% reduction) - wkg_toolchain.bzl: 241→159 lines (34% reduction) Total: ~165 lines of duplicate code eliminated 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(checksum-updater): add GitHub token authentication for API requests The checksum updater was failing with "Failed to get latest release for wasm-tools" because it was hitting GitHub's unauthenticated rate limit (60 requests/hour). This fix adds automatic GITHUB_TOKEN authentication: - GitHubClient now reads GITHUB_TOKEN from environment automatically - Authenticated requests get 5,000 requests/hour (vs 60 unauthenticated) - All GitHub API methods now use authenticated requests - Added with_token() constructor for explicit token passing - Applied same fix to both native and WASM versions Fixes #284 * fix: propagate tags attribute through rust_wasm_component macro The macro was filtering out tags from kwargs but not passing them to internal targets (_wasm_rust_shared_library, _rust_wasm_component_rule, alias, filegroup). This caused targets with tags=['manual'] to have intermediate targets without the manual tag, which would still be built by wildcard patterns. Now all internal targets properly receive the tags attribute, ensuring that manual-tagged components are fully excluded from //... builds. * chore: update tool checksums - wit-bindgen: 0.49.0 → 0.50.0 - nodejs: 20.18.0 → 24.12.0 (LTS Krypton) Using LTS versions only for Node.js to ensure stability. * fix: checksum updater preserves custom fields in registry.bzl Bug Fixes: - format_tool_for_bzl now includes extra fields (binary_path, npm_path) from PlatformInfo in generated registry.bzl - Fixed jco toolchain "key binary_path not found" error - Added LTS version filtering for Node.js (even major versions only) - Fixed JSON validation tests for special platforms (wasm_component, universal) - Fixed validation to allow empty SHA256 (npm packages) and placeholders - Fixed version validation to allow non-semver formats (e.g., "29" for wasi-sdk) Dependency Updates (from dependabot PRs): - reqwest: 0.12 → 0.13 - wit-bindgen: 0.49.0 → 0.50.0 - tempfile: 3.23 → 3.24 - uuid: 1.18 → 1.19 - serde_json: 1.0.145 → 1.0.148 - tracing: 0.1.43 → 0.1.44 Tool Updates: - TinyGo: 0.38.0 → 0.40.1 (all 5 platforms) Closes: #285 #286 #283 #281 #276 #274 #270 #269 #243 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor(#249): migrate wasm-tools and wit-bindgen to unified tool_registry Partial migration toward unified tool registry (Issue #249): - wasm_toolchain.bzl: _download_wasm_tools now uses tool_registry.download() - wasm_toolchain.bzl: _download_wit_bindgen now uses tool_registry.download() - tool_registry.bzl: fixed wac config (is_binary: true for standalone binary) - Removed unused _get_wasm_tools_platform_info helper function Benefits: - ~40 lines of duplicate URL/checksum logic removed - Consistent platform detection via tool_registry.detect_platform() - Foundation for migrating remaining toolchains Note: _download_wac kept with original implementation for now (standalone binary pattern needs more testing in tool_registry). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(#249): migrate toolchains to unified tool_registry API - wasm_toolchain.bzl: Migrate wasm-tools, wit-bindgen, and wac downloads to use tool_registry.download() instead of custom download logic - jco_toolchain.bzl: Replace _detect_host_platform with tool_registry.detect_platform (keeps custom nodejs download for enterprise mirror support) - tinygo_toolchain.bzl: Replace _detect_host_platform with tool_registry.detect_platform (keeps custom downloads for Go SDK and Binaryen not in registry) - tool_registry.bzl: Add tool_info to download() return value for custom paths Net reduction of ~46 lines by eliminating duplicate platform detection code. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(#249): complete platform detection consolidation Migrate remaining toolchains to use tool_registry.detect_platform: - wasm_toolchain.bzl: Remove _detect_host_platform, use tool_registry - wasi_sdk_toolchain.bzl: Remove _detect_host_platform, use tool_registry - cpp_component_toolchain.bzl: Remove _detect_host_platform, use tool_registry - symmetric_wit_bindgen_toolchain.bzl: Remove _detect_host_platform, use tool_registry Only tool_registry.bzl now contains the canonical platform detection logic. Net reduction of ~76 lines of duplicate code. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(#249): add enterprise air-gap support to tool_registry Add environment variable support for enterprise/air-gap deployments: - BAZEL_WASM_OFFLINE: Use vendored files from third_party/toolchains/ - BAZEL_WASM_VENDOR_DIR: Custom vendor directory (NFS/shared) - BAZEL_WASM_MIRROR: Single mirror URL for all tools Priority order: offline → vendor_dir → mirror → default URL Also adds: - Go SDK checksums (checksums/tools/go.json) for v1.25.3 - Binaryen checksums (checksums/tools/binaryen.json) for v123 - CI test for enterprise mirror/offline support - Updated vendor documentation with new environment variables 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: correct wkg 0.13.0 url_suffix format (binary, not archive) The wkg 0.13.0 release assets are direct binaries, not archives. Fixed checksums/tools/wkg.json and registry.bzl fallback data. * fix: correct TinyGo Linux url_suffix from .tar.xz to .tar.gz TinyGo 0.40.1 uses .tar.gz for all platforms including Linux. The previous .tar.xz extension was causing 404 errors on CI. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: update TinyGo fallback data to use .tar.gz for Linux The fallback data in registry.bzl was out of sync with tinygo.json. Both linux_amd64 and linux_arm64 were using .tar.xz but TinyGo 0.40.1 releases use .tar.gz for all platforms. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: propagate tags to wizer macro aliases The rust_wasm_component_wizer macro creates alias targets for the main name and profile variants, but these aliases were missing the user-specified tags. This meant 'manual' tagged targets were still included in '//...' patterns. Now tags are properly propagated to all alias targets. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: add darwin_amd64 and windows_amd64 platforms to wasm-tools 1.243.0 The checksum updater missed these platforms when updating to 1.243.0. This caused CI failures on Intel Mac (darwin_amd64) runners. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: add darwin_amd64 platform to wac 0.8.1 Intel Mac support was missing from wac 0.8.1 checksums. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: correct wasi-sdk 29 Windows checksum The Windows wasi-sdk-29.0 checksum was incorrect. Updated to the verified checksum from the actual release file. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor!: eliminate fallback data - JSON files are now single source of truth BREAKING CHANGE: Registry API functions now require repository_ctx parameter Previously, checksums/registry.bzl contained ~860 lines of hardcoded fallback checksum data that duplicated the JSON files in checksums/tools/*.json. This meant every JSON update required a manual sync to the fallback data. This change: - Adds repository_ctx parameter to all public API functions (get_tool_info, get_tool_checksum, get_github_repo, get_latest_version, etc.) - Updates all 7 call sites in tool_registry.bzl, secure_download.bzl, and wasm_toolchain.bzl to pass repository_ctx - Deletes 860 lines of hardcoded fallback data - Creates checksums/tools/BUILD.bazel to export JSON files Result: Update a JSON file once → changes take effect everywhere. The checksum_updater tool now directly controls what versions are available. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
Author
|
Looks like uuid is up-to-date now, so this is no longer needed. |
dependabot
bot
deleted the
dependabot/cargo/tools/checksum_updater/uuid-1.19.0
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps uuid from 1.18.1 to 1.19.0.
Release notes
Sourced from uuid's releases.
Commits
7527cefMerge pull request #849 from uuid-rs/cargo/v1.19.0d0422faprepare for 1.19.0 releasef9a36e2Merge pull request #848 from paolobarbolini/maintenance029a57eFix most clippy warningse73bb27Upgrade to 2021 editionc597622Merge pull request #843 from paolobarbolini/serde_core-migration9835bd6Switch serde dependency to serde_coreDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)