build(deps): bump prost from 0.13.5 to 0.14.3#27
Conversation
Bumps [prost](https://github.com/tokio-rs/prost) from 0.13.5 to 0.14.3. - [Release notes](https://github.com/tokio-rs/prost/releases) - [Changelog](https://github.com/tokio-rs/prost/blob/master/CHANGELOG.md) - [Commits](tokio-rs/prost@v0.13.5...v0.14.3) --- updated-dependencies: - dependency-name: prost dependency-version: 0.14.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
📝 WalkthroughWalkthroughThe Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@Cargo.toml`:
- Line 27: The Cargo.toml currently mixes prost = "0.14" with tonic = "0.12" and
prost-build = "0.13", causing dual prost versions and prost::Message trait
incompatibility; update the dependent crates so they all target the same prost
0.14 ecosystem by changing tonic → 0.14, prost-build → 0.14, and tonic-build →
0.14 (and keep prost = "0.14"), then run cargo update to refresh Cargo.lock and
ensure only prost 0.14 is resolved so generated types and tonic codecs share the
same prost::Message trait.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 0ee2e219-d13f-4360-9e9b-a888465e40bd
⛔ Files ignored due to path filters (1)
Cargo.lockis excluded by!**/*.lock,!**/*.lock
📒 Files selected for processing (1)
Cargo.toml
| tonic = { version = "0.12", default-features = false, features = ["prost", "codegen"] } | ||
| tonic-web-wasm-client = "0.6" | ||
| prost = "0.13" | ||
| prost = "0.14" |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "== Locate Cargo.lock =="
fd -HI '^Cargo.lock$' .
echo
echo "== prost/tonic versions resolved in Cargo.lock =="
rg -n 'name = "(prost|prost-build|tonic|tonic-build)"|^version = ' Cargo.lock -A1
echo
echo "== Cargo.toml pinned versions =="
rg -n '^\s*(prost|prost-build|tonic|tonic-build)\s*=' Cargo.tomlRepository: Sentriscloud/sentrix-explorer-v2
Length of output: 28077
Align prost with tonic/prost-build to avoid protobuf trait/version skew
Line 27 upgrades prost to 0.14 alone, but this file still pins tonic = "0.12" (Line 25) and prost-build = "0.13" (Line 63). Cargo.lock shows both prost 0.13.5 and 0.14.3 are resolved—tonic 0.12 depends on prost ≤0.13, forcing a dual-version graph. This breaks prost::Message trait compatibility between generated types and tonic codecs.
Update all related dependencies to the same ecosystem version:
tonicfrom 0.12 → 0.14prost-buildfrom 0.13 → 0.14tonic-buildfrom 0.12 → 0.14
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@Cargo.toml` at line 27, The Cargo.toml currently mixes prost = "0.14" with
tonic = "0.12" and prost-build = "0.13", causing dual prost versions and
prost::Message trait incompatibility; update the dependent crates so they all
target the same prost 0.14 ecosystem by changing tonic → 0.14, prost-build →
0.14, and tonic-build → 0.14 (and keep prost = "0.14"), then run cargo update to
refresh Cargo.lock and ensure only prost 0.14 is resolved so generated types and
tonic codecs share the same prost::Message trait.
|
Looks like prost is up-to-date now, so this is no longer needed. |
Bumps prost from 0.13.5 to 0.14.3.
Changelog
Sourced from prost's changelog.
... (truncated)
Commits
fafa97fchore: remove protobuf submodule and leverage cmake for it (#1389)e0643e2release 0.14.35595b61fix: Add backDecodeError::new(#1382)e42dcadBufix: Name::full_name() is correct for empty packages (#1386)107153fbuild(deps): update pulldown-cmark-to-cmark requirement from 21 to 22 (#1384)3fc7003build(deps): bump actions/upload-artifact from 5 to 6 (#1381)33f8721fix some forgotten prost import paths (#1385)efb0755chore: Release version 0.14.2 (#1372)91a093ftest(derive_copy): Allow dead code (#1362)2c22c59build(deps): bump actions/checkout from 5 to 6 (#1370)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Summary by CodeRabbit