dependabot[bot]
ef74577f4b
Bump codecov/codecov-action from 6.0.0 to 6.0.1 ( #7979 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](57e3a136b7...e79a6962e0support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-02 18:12:00 +09:00
Shahar Naveh
14cb5dd874
Remove node24 installation. It's the default now ( #8014 )
...
* Remove node24 installation. It's the default now
* Fix insta tests for llvm-cov
2026-06-02 18:07:32 +09:00
Shahar Naveh
0c9ed36b79
CI: Don't skip windows tests ( #8004 )
2026-06-02 15:42:33 +09:00
Jeong, YunWon
1385c4e472
rename ssl-vendor ( #7989 )
2026-05-28 09:37:44 +03:00
Shahar Naveh
fc637a155d
[META] AI policy ( #7914 )
...
* Add `CONTRIBUTING.md` and link it in the readme
* Add TBD PR template
* Merge `DEVELOPMENT.md` -> `CONTRIBUTING.md`
* Revise `PULL_REQUEST_TEMPLATE.md`
* Have checkboxes
2026-05-28 12:43:43 +09:00
Joshua Megnauth
7d54ba502e
Fix ssl-vendor (OpenSSL) ( #7985 )
...
Closes : #7893
Fix 1:
`foreign-types-shared` needs to match `openssl`'s version. Bumping it is
a SemVer violation because the latest versions of the crate aren't
backwards compatible with older versions.
See: rust-openssl/rust-openssl#2461
Fix 2:
The second fix is to align the `openssl` module with the latest
`host_env` and `ssl` changes.
2026-05-28 12:16:08 +09:00
Joshua Megnauth
30ae48b24b
Support custom rustls providers ( #7657 )
...
* Modularize rustls as work towards providers
`rustls`'s architecture is very clean and trait-driven. There are many
providers for `rustls` including the built-in `aws-lc-rs` and `ring` as
well as backends for `boringssl`, `graviola`, `openssl`, `mbedtls`, etc.
This commit removes the hard dependency on `aws-lc-rs` and adds support
for `ring`. It works towards #7059 as well.
* Clean up rustls features
* Remove ring as an explicit feature
* ssl-rustls is the default and implies aws-lc
* Support custom rustls crypto providers
The new feature, `ssl-rustls-no-provider`, enables custom rustls
providers. By default, `aws-lc-rs` is enabled which matches the old
behavior and keeps backward compatibility.
I wrote a new type that abstracts what we need from crypto providers.
CryptoExt encapsulates the ticketer as well as cipher suites and KX
groups. I wrote fallbacks to help select a reasonable default if a
provider is missing features (they all seem to support the same things
though).
I also wrote an example to show how to actually use custom providers.
* Fix duplicate VERIFY_X509 constants and unused imports in ssl module
Remove duplicate VERIFY_X509_STRICT/VERIFY_X509_PARTIAL_CHAIN definitions
from compat.rs (already defined in _ssl module with #[pyattr]).
Remove unused imports: ClientConnection, ServerConnection.
* no-provider as default
* Fix CI failures: openssl build, wasm target, cargo-shear
- Update openssl.rs to use renamed sock_wait/SockWaitKind and add vm parameter
- Add skip_ssl for wasm32-wasip2 target (aws-lc-sys cannot build for wasm)
- Remove unused workspace dependency aws-lc-rs
- Fix foreign-types-shared version to match openssl's dependency (0.1)
- Restore Cargo.lock from upstream/main
---------
Co-authored-by: Jeong, YunWon <jeong@youknowone.org >
2026-05-28 11:07:09 +09:00
Shahar Naveh
f95b7468f7
Autogen opcodes metadata ( #7983 )
2026-05-27 16:44:58 +09:00
dependabot[bot]
411230a46c
Bump j178/prek-action from 2.0.3 to 2.0.4 ( #7973 )
...
Bumps [j178/prek-action](https://github.com/j178/prek-action ) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/j178/prek-action/releases )
- [Commits](6ad8027733...bdca6f102fsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-25 21:20:30 +09:00
dependabot[bot]
f4696ea890
Bump peaceiris/actions-gh-pages from 4.0.0 to 4.1.0 ( #7972 )
...
Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/peaceiris/actions-gh-pages/releases )
- [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md )
- [Commits](4f9cc6602d...84c30a85c1support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-25 18:40:33 +09:00
dependabot[bot]
0237a1d520
Bump taiki-e/install-action from 2.77.6 to 2.79.1 ( #7971 )
...
Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action ) from 2.77.6 to 2.79.1.
- [Release notes](https://github.com/taiki-e/install-action/releases )
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md )
- [Commits](c070f87102...b550161ef8support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-25 18:40:17 +09:00
dependabot[bot]
6bbe24a725
Bump zizmorcore/zizmor-action from 0.5.3 to 0.5.6 ( #7970 )
...
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action ) from 0.5.3 to 0.5.6.
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases )
- [Commits](b1d7e1fb5d...5f14fd08f7support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-25 18:40:02 +09:00
dependabot[bot]
f9e4988cf5
Bump github/gh-aw from 0.73.0 to 0.74.4 ( #7969 )
...
Bumps [github/gh-aw](https://github.com/github/gh-aw ) from 0.73.0 to 0.74.4.
- [Release notes](https://github.com/github/gh-aw/releases )
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md )
- [Commits](4d44d0e898...2c1a237d20support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-25 18:39:43 +09:00
fanninpm
bc3d00e879
Replace ahash with rapidhash ( #7954 )
...
* Add `rapidhash` to list of dependencies
* Use `rapidhash::quality::RandomState` in `codegen` crate
* Use `rapidhash::quality::RandomState` in `stdlib` crate
* Use `rapidhash::quality::RandomState` in `vm` crate
* Remove `ahash` from lists of dependencies
2026-05-25 13:53:54 +09:00
dependabot[bot]
53941295a2
Bump taiki-e/install-action from 2.76.0 to 2.77.6 ( #7919 )
...
Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action ) from 2.76.0 to 2.77.6.
- [Release notes](https://github.com/taiki-e/install-action/releases )
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md )
- [Commits](711e1c3275...c070f87102support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-19 13:36:00 +09:00
dependabot[bot]
b902ffdcf8
Bump github/gh-aw from 0.71.3 to 0.73.0 ( #7918 )
...
Bumps [github/gh-aw](https://github.com/github/gh-aw ) from 0.71.3 to 0.73.0.
- [Release notes](https://github.com/github/gh-aw/releases )
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md )
- [Commits](2f2a6f572b...4d44d0e898support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-19 13:34:06 +09:00
dependabot[bot]
9c0557820b
Bump cargo-bins/cargo-binstall from 1.19.0 to 1.19.1 ( #7917 )
...
Bumps [cargo-bins/cargo-binstall](https://github.com/cargo-bins/cargo-binstall ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/cargo-bins/cargo-binstall/releases )
- [Changelog](https://github.com/cargo-bins/cargo-binstall/blob/main/release-plz.toml )
- [Commits](4852a15cf0...aaa84a43aesupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-19 13:33:57 +09:00
Shahar Naveh
3ed8c91fef
Update test/support to 3.14.5 ( #7896 )
...
* Update `test/support` to 3.14.5
* Adjuat test markers
* Add `test_set` to env polluting tests
2026-05-18 00:23:06 +09:00
Shahar Naveh
ea2a3d9d84
Build workspace cache ( #7889 )
2026-05-17 20:55:33 +09:00
Shahar Naveh
2d8f8ab818
Move cargo doc to a seperate CI job ( #7883 )
2026-05-17 01:58:48 +09:00
dependabot[bot]
0871bc8a2d
Bump taiki-e/install-action from 2.75.22 to 2.76.0 ( #7838 )
2026-05-16 20:00:39 +09:00
Jeong, YunWon
8253253fc7
more hostenv impl ( #7604 )
2026-05-16 19:01:40 +09:00
Bas Schoenmaeckers
4059a032a7
Add basic capi error support ( #7787 )
...
* Add basic capi error support
* Add missing symbols to make tests compile again
* Add `pyerrors` to dictionary
* Return exception in `Py_GetConstantBorrowed`
* Remove `allow(dead_code)`
* Fix windows
* Load stdlib when calling `Py_InitializeEx`
* Debug tests
* Revert "Load stdlib when calling `Py_InitializeEx`"
This reverts commit bccd38e981b2c2f6913f
2026-05-13 23:19:58 +09:00
dependabot[bot]
673db1d71a
Bump cargo-bins/cargo-binstall from 1.18.1 to 1.19.0 ( #7837 )
...
Bumps [cargo-bins/cargo-binstall](https://github.com/cargo-bins/cargo-binstall ) from 1.18.1 to 1.19.0.
- [Release notes](https://github.com/cargo-bins/cargo-binstall/releases )
- [Changelog](https://github.com/cargo-bins/cargo-binstall/blob/main/release-plz.toml )
- [Commits](dc19f1e484...4852a15cf0support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 20:49:32 +09:00
dependabot[bot]
3cfb0fe7bc
Bump j178/prek-action from 2.0.2 to 2.0.3 ( #7839 )
...
Bumps [j178/prek-action](https://github.com/j178/prek-action ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/j178/prek-action/releases )
- [Commits](cbc2f23eb5...6ad8027733support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 20:49:09 +09:00
dependabot[bot]
3bce5566fa
Bump github/gh-aw from 0.71.1 to 0.71.3 ( #7841 )
...
Bumps [github/gh-aw](https://github.com/github/gh-aw ) from 0.71.1 to 0.71.3.
- [Release notes](https://github.com/github/gh-aw/releases )
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md )
- [Commits](f01a9d118a...2f2a6f572bsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 20:48:42 +09:00
Shahar Naveh
09c27bb440
Workaround for random windows cache failure ( #7812 )
2026-05-10 00:30:54 +09:00
fanninpm
3b364608d9
Make determine_changes step run on ubuntu-slim ( #7790 )
2026-05-06 20:43:55 +09:00
Shahar Naveh
02a2b19839
Remove unused rust impl for formatting dis output ( #7660 )
...
* Remove unused rust impl for formatting dis output
* remove `examples/dis.rs`
* Added tests
* Update lock
* Try to set snapshot dir
* Remove verbose flag
* Regenerate snapshots after #7711
* Revert "Bump insta from 1.46.3 to 1.47.2 (#7706 )"
This reverts commit e6d9ea6bfe#7706 )"
This reverts commit 693ca8cbe4d7885a81162a9be31e8bb567db885a.
* simplify macro
* trim on function side
* Force insta workspace root
* fix merge
2026-05-05 08:09:35 +00:00
dependabot[bot]
8bd4c5137e
Bump mwilliamson/setup-wabt-action from 3.2.0 to 4.0.0 ( #7778 )
...
Bumps [mwilliamson/setup-wabt-action](https://github.com/mwilliamson/setup-wabt-action ) from 3.2.0 to 4.0.0.
- [Release notes](https://github.com/mwilliamson/setup-wabt-action/releases )
- [Commits](https://github.com/mwilliamson/setup-wabt-action/compare/v3.2.0...427f2fdd70bc4dbc2e53c2eb4f19f66162d71bd2 )
---
updated-dependencies:
- dependency-name: mwilliamson/setup-wabt-action
dependency-version: 4.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 14:24:34 +09:00
Shahar Naveh
dc12bff0f4
Move clippy and cargo-shear to a dedicated job ( #7741 )
2026-05-05 14:24:21 +09:00
dependabot[bot]
e1dd3d43d5
Bump github/gh-aw from 0.68.3 to 0.71.1 ( #7776 )
...
Bumps [github/gh-aw](https://github.com/github/gh-aw ) from 0.68.3 to 0.71.1.
- [Release notes](https://github.com/github/gh-aw/releases )
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md )
- [Commits](ce1794953e...f01a9d118asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-05 14:22:14 +09:00
Shahar Naveh
eb99a8ecf1
Warn on unreachable_pub ( #7762 )
2026-05-04 10:18:24 +09:00
Shahar Naveh
ac3e067230
Only run cargo check when rust code is changed ( #7760 )
...
* Only run `cargo check` when rust code is changed
* Test
* Another test
* Revert "Test"
This reverts commit 1f23cc33f550a51d5e56
2026-05-03 00:15:46 +09:00
dependabot[bot]
8d1c68c9a0
Bump actions/setup-node from 6.3.0 to 6.4.0 ( #7689 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](53b83947a5...48b55a011bsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-02 08:16:15 +09:00
Shahar Naveh
d9fff99718
Pin actions to hash (cron-ci.yaml) ( #7686 )
2026-05-02 08:15:43 +09:00
Shahar Naveh
0f25d145fd
Make updating actions cache synchronous ( #7712 )
2026-05-02 08:15:14 +09:00
Shahar Naveh
7fd0da92d3
Fix libs deps check ( #7732 )
...
* Convert parsing logic to python
* Trigger job. (DROP ME BEFORE MERGE!)
* Missing EOF
* Add found modules to set
* Suggestion by @fanninpm
* Fix missing trailing slash
* Ensure no `.py` at module name
* Strip any file auffix
* Revert "Trigger job. (DROP ME BEFORE MERGE!)"
This reverts commit 8cf9651a24
2026-05-02 08:14:55 +09:00
Shahar Naveh
c027ffc2ba
Pin marocchino/sticky-pull-request-comment action to a hash ( #7751 )
2026-05-01 22:58:35 +09:00
Shahar Naveh
73b5b69bd8
Cargo check features on all os ( #7733 )
...
* Cargo check features on all os
* Adjust cargo conf
* Skip unsupported ssl platforms
* zizmor
* Remove duplicated check
2026-05-01 19:43:43 +09:00
Shahar Naveh
32e16fe7da
Fix possible npm cache poisoning ( #7742 )
...
* Fix possible npm cache poisoning
* fix typo
* fix logic errors
* Use correct output
2026-04-30 23:21:06 +09:00
dependabot[bot]
6c2c8421d7
Bump actions/upload-artifact from 7.0.0 to 7.0.1 ( #7640 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](bbbca2ddaa...043fb46d1asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-30 11:01:47 +09:00
Shahar Naveh
1fa676fd07
Upgrade cspell to v10.0.0 ( #7696 )
...
* Update cspell to `v10.0.0`
* Force node version to be 24
* Ensure node24
* Disable cache
2026-04-27 21:37:55 +09:00
fanninpm
7f8cdddbbf
Add crates/* directories to Dependabot config ( #7687 )
2026-04-27 10:15:14 +09:00
Shahar Naveh
a2afaf0f13
Pin actions version to commit; force runner to use node 24 ( #7685 )
...
* Pin actions version to commit; force runner to use node 24
* Pin more
2026-04-26 12:32:37 +09:00
dependabot[bot]
6ab1f806ba
Bump actions/cache from 5.0.4 to 5.0.5 ( #7649 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](668228422a...27d5ce7f10support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-25 21:57:22 +09:00
fanninpm
a5f48eaaa1
Add sha1 to crypto dependency group ( #7679 )
2026-04-25 21:54:01 +09:00
dependabot[bot]
adafaf222b
Bump github/gh-aw from 0.62.5 to 0.68.3 ( #7650 )
...
* Bump github/gh-aw from 0.62.5 to 0.68.3
Bumps [github/gh-aw](https://github.com/github/gh-aw ) from 0.62.5 to 0.68.3.
- [Release notes](https://github.com/github/gh-aw/releases )
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md )
- [Commits](48d8fdfddc...ce1794953esupport@github.com >
* Fix actionlint SC2129: use single group redirect block in upgrade-pylib.lock.yml
Agent-Logs-Url: https://github.com/RustPython/RustPython/sessions/73a3a050-ff0b-45ad-b5fd-fcadec36239a
Co-authored-by: youknowone <69878+youknowone@users.noreply.github.com >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: youknowone <69878+youknowone@users.noreply.github.com >
2026-04-25 05:17:05 +09:00
dependabot[bot]
3f8a0b12eb
Bump actions/github-script from 8.0.0 to 9.0.0 ( #7661 )
...
* Bump actions/github-script from 8.0.0 to 9.0.0
Bumps [actions/github-script](https://github.com/actions/github-script ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](ed597411d8...3a2844b7e9support@github.com >
* Fix SC2129 shellcheck warning: group consecutive >> redirects into single block
Agent-Logs-Url: https://github.com/RustPython/RustPython/sessions/dab79065-db94-41af-abb3-332d35557b29
Co-authored-by: youknowone <69878+youknowone@users.noreply.github.com >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: youknowone <69878+youknowone@users.noreply.github.com >
2026-04-25 05:15:31 +09:00
Changjoon
1ab76d012b
Fix ShellCheck findings in lib-deps-check and update-doc-db workflows ( #7669 )
...
Clear four of the five ShellCheck findings reported in #7653 . The
fifth finding is in upgrade-pylib.lock.yml — a gh-aw-generated file
marked "DO NOT EDIT" whose source .md does not contain the flagged
pattern — and is out of scope here; it will resolve via the in-flight
gh-aw version bump (#7650 ).
lib-deps-check.yaml:
* SC2076: replace `=~ " $module "` (quoted regex interpreted
literally) with `== *" $module "*` glob match. Same intent
(literal substring), same semantics across regex metachars.
* SC2086: quote `$GITHUB_OUTPUT` in the output redirect.
update-doc-db.yml:
* SC2129: collapse the eight sequential `echo ... >> $OUTPUT_FILE`
lines (plus one `cat ... >> $OUTPUT_FILE`) into a single grouped
redirect `{ ...; } > "$OUTPUT_FILE"`. Drops the now-redundant
`echo -n '' > $OUTPUT_FILE` truncate.
* SC2016: add `# shellcheck disable=SC2016` above the block; the
backticks in the auto-generated-header comment are literal
Markdown, not command substitution.
Verified locally with shellcheck 0.11.0: both modified blocks
produce no ShellCheck output. Semantic equivalence of the
lib-deps-check change confirmed across six test inputs including
regex metachars and glob-meaningful characters.
2026-04-25 00:06:23 +09:00
