Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: bump Alpine version to 3.21 #2074

Open
wants to merge 14 commits into
base: v1.8-dev
Choose a base branch
from
Open

Conversation

lklimek
Copy link
Contributor

@lklimek lklimek commented Aug 23, 2024

Issue being fixed or feature implemented

Alpine 3.21 is the most recent version of Alpine, with EOL on 2026-11-01.
Current version (3.18) EOL is 2025-11-01, and it only gets security fixes atm.

What was done?

  • Updated Alpine in Dockerfile to 3.21
  • Installed missingcurl

TODO: We need to update librocksdb-sys to use rocksdb v9.x, as v8.x does not work

How Has This Been Tested?

GHA

Breaking Changes

None

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have added or updated relevant unit/integration/functional/e2e tests
  • I have added "!" to the title and described breaking changes in the corresponding section if my code contains any
  • I have made corresponding changes to the documentation if needed

For repository code-owners and collaborators only

  • I have assigned this pull request to a milestone

Summary by CodeRabbit

  • New Features

    • Updated installation instructions for wasm-bindgen-cli to version 0.2.99.
    • Enhanced release workflow for NPM packages and Docker images with conditional checks for existing artifacts.
  • Bug Fixes

    • Improved error handling in the verify_signature method for better clarity.
  • Documentation

    • Updated README files to reflect the new version of wasm-bindgen-cli.
  • Chores

    • Updated various configuration files and dependencies to ensure compatibility with newer versions.

@lklimek lklimek added this to the v1.2.0 milestone Aug 23, 2024
@lklimek
Copy link
Contributor Author

lklimek commented Sep 4, 2024

Does not work, needs update of rocksdb on grovedb OR more work on c++ stack.

@shumkov shumkov changed the base branch from v1.2-dev to master September 4, 2024 13:17
@thephez thephez removed this from the v1.2.0 milestone Sep 11, 2024
Copy link
Contributor

coderabbitai bot commented Dec 17, 2024

Walkthrough

This pull request focuses on updating the wasm-bindgen-cli package version from 0.2.86 to 0.2.99 across multiple files and configurations. The changes span several key files including Dockerfiles, GitHub workflows, README files, and Rust source code. The modifications primarily involve version updates, dependency management, and minor code refactoring, with an emphasis on simplifying type annotations and improving build processes.

Changes

File Change Summary
.devcontainer/Dockerfile Updated wasm-bindgen-cli installation to version 0.2.99
.github/workflows/release.yml Updated wasm-bindgen-cli version and refined release process workflows
.github/workflows/tests-build-js.yml Updated wasm-bindgen-cli version with artifact existence checks
Dockerfile Updated Alpine version to 3.21, corrected SCCACHE_VERSION, updated wasm-bindgen-cli to 0.2.99
README.md Updated wasm-bindgen-cli installation instruction to version 0.2.99
packages/wasm-dpp/Cargo.toml Updated wasm-bindgen to 0.2.99 and wasm-bindgen-futures to 0.4.49
packages/wasm-dpp/README.md Updated wasm-bindgen-cli installation instruction to version 0.2.99
Various Rust source files Simplified type annotations and minor code refactoring

Suggested Labels

cleanup

Suggested Reviewers

  • QuantumExplorer
  • shumkov

Poem

🐰 Bindgen's dance, a version leap so bright,
From eighty-six to ninety-nine's delight!
Rust's magic weaves through lines of code,
Updating paths where rabbits once strode
A clean refactor, swift and light! 🚀


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@lklimek lklimek changed the base branch from master to v1.9-dev December 17, 2024 09:42
@lklimek lklimek changed the title build: bump Alpine version to 3.20 build: bump Alpine version to 3.21 Dec 17, 2024
@lklimek lklimek mentioned this pull request Dec 17, 2024
6 tasks
@lklimek lklimek changed the base branch from v1.9-dev to v1.8-dev December 17, 2024 10:57
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
.devcontainer/Dockerfile (1)

Line range hint 69-73: LGTM! Secure installation configuration

The wasm-bindgen-cli installation uses appropriate security flags. Consider adding a comment explaining the purpose of each flag for better maintainability.

 RUN cargo binstall [email protected] --locked \
+                                           # Ensure reproducible builds
                                            --no-discover-github-token \
+                                           # Prevent automatic GitHub token discovery
                                            --disable-telemetry \
+                                           # Disable usage tracking
                                            --no-track \
+                                           # Additional tracking prevention
                                            --no-confirm
+                                           # Non-interactive installation
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8185d21 and b14bb5b.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (11)
  • .devcontainer/Dockerfile (1 hunks)
  • .github/workflows/release.yml (1 hunks)
  • .github/workflows/tests-build-js.yml (1 hunks)
  • Dockerfile (4 hunks)
  • README.md (1 hunks)
  • packages/wasm-dpp/Cargo.toml (2 hunks)
  • packages/wasm-dpp/README.md (1 hunks)
  • packages/wasm-dpp/src/identity/factory_utils.rs (2 hunks)
  • packages/wasm-dpp/src/identity/state_transition/asset_lock_proof/mod.rs (1 hunks)
  • packages/wasm-dpp/src/identity/state_transition/identity_create_transition/identity_create_transition.rs (2 hunks)
  • packages/wasm-dpp/src/identity/state_transition/identity_update_transition/identity_update_transition.rs (3 hunks)
👮 Files not reviewed due to content moderation or server errors (3)
  • packages/wasm-dpp/src/identity/state_transition/asset_lock_proof/mod.rs
  • .github/workflows/release.yml
  • packages/wasm-dpp/src/identity/state_transition/identity_create_transition/identity_create_transition.rs
🔇 Additional comments (11)
packages/wasm-dpp/Cargo.toml (1)

18-18: Verify version synchronization across files

The wasm-bindgen and wasm-bindgen-futures versions have been updated. Let's verify that these versions are synchronized across all mentioned locations.

Also applies to: 52-52

✅ Verification successful

Let me check the exact version in the Dockerfile to ensure proper synchronization.


Versions are properly synchronized

The wasm-bindgen version 0.2.99 is consistently used across:

  • packages/wasm-dpp/Cargo.toml: wasm-bindgen = { version = "=0.2.99" }
  • .devcontainer/Dockerfile: [email protected]

The wasm-bindgen-futures dependency was not found in the codebase, so the original review comment was partially incorrect in mentioning it.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check wasm-bindgen version consistency across files

echo "Checking wasm-bindgen version in build script..."
rg -l "wasm-bindgen.*0\.2\.(86|99)" packages/wasm-dpp/scripts/build-wasm.sh || echo "Version not found in build script"

echo "Checking wasm-bindgen version in Dockerfile..."
rg -l "wasm-bindgen-cli@0\.2\.(86|99)" .devcontainer/Dockerfile

echo "Checking wasm-bindgen version in Cargo.toml..."
rg "wasm-bindgen.*=.*0\.2\.(86|99)" packages/wasm-dpp/Cargo.toml

Length of output: 664


Script:

#!/bin/bash
# Get the exact version from Dockerfile
echo "Exact version in Dockerfile:"
rg -A 1 "wasm-bindgen-cli" .devcontainer/Dockerfile

# Also check for wasm-bindgen-futures version since it was mentioned
echo -e "\nChecking wasm-bindgen-futures version:"
rg "wasm-bindgen-futures.*=.*0\.2\." packages/wasm-dpp/Cargo.toml

Length of output: 405

packages/wasm-dpp/README.md (1)

42-44: LGTM! Installation instruction updated correctly

The wasm-bindgen-cli version has been updated to match the dependency version in Cargo.toml. The note about version verification is helpful for users.

.github/workflows/tests-build-js.yml (1)

53-53: Verify wasm-bindgen-cli version compatibility

The version update to 0.2.99 should be verified against other wasm-bindgen related dependencies in the project.

✅ Verification successful

Let me gather more information about the wasm-bindgen dependencies.


Version 0.2.99 of wasm-bindgen-cli is consistent with dependencies

The verification shows that the wasm-bindgen dependency in Cargo.toml is pinned to exactly version 0.2.99, which matches the CLI version being installed. This version is consistently referenced across the codebase in Dockerfile, READMEs, and Rust dependencies, indicating a coordinated update.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check wasm-bindgen version consistency across the project
# Look for wasm-bindgen dependencies in Cargo.toml files
rg -A 3 'wasm-bindgen = .*"0\.2\.' 'Cargo.toml$'

# Look for wasm-bindgen-cli version references
rg 'wasm-bindgen-cli.*0\.2\.' 

Length of output: 469


Script:

#!/bin/bash
# Search for wasm-bindgen dependencies in all Cargo.toml files
fd Cargo.toml --exec cat {} | rg -A 3 'wasm-bindgen.*=.*'

# Search for any wasm-bindgen version references in package.json files
fd package.json --exec cat {} | rg 'wasm-bindgen'

Length of output: 632

packages/wasm-dpp/src/identity/factory_utils.rs (1)

49-52: LGTM! Clean type annotation removal

The removal of explicit type annotations improves code readability while maintaining type safety through Rust's type inference system.

Also applies to: 75-76

README.md (1)

64-64: Verify build prerequisites accuracy

The wasm-bindgen-cli version update is consistent with other changes. However, we should verify that:

  1. The version matches wasm-bindgen in Cargo.lock as noted
  2. All listed prerequisites and their versions are still accurate
✅ Verification successful

Prerequisites are accurate and consistent

The wasm-bindgen-cli version 0.2.99 matches exactly with the wasm-bindgen dependency version in packages/wasm-dpp/Cargo.toml. All other prerequisites in the README are up-to-date:

  • Node.js v20 requirement is clearly specified
  • Rust v1.83+ requirement is documented
  • wasm32 target and wasm-bindgen toolchain instructions are accurate
🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify wasm-bindgen version in Cargo.lock
rg '"wasm-bindgen"' Cargo.lock -A 2 | grep 'version'

# Check if prerequisites versions in README match workflow configurations
rg 'node\.?js.*v\d+' .github/workflows/
rg 'rust.*v\d+\.\d+' .github/workflows/

Length of output: 155


Script:

#!/bin/bash
# Let's verify the prerequisites more thoroughly

# Check wasm-bindgen-cli version in Cargo.toml and other dependencies
rg 'wasm-bindgen.*=.*0\.2\.99' -A 2

# Check Node.js version requirements in package.json and README
cat package.json | grep -A 2 '"engines"'
rg 'node' README.md

# Check Rust version requirements
rg 'rust' README.md
rg 'MSRV|minimal.*rust|minimum.*rust' -i

Length of output: 1234

packages/wasm-dpp/src/identity/state_transition/identity_update_transition/identity_update_transition.rs (3)

Line range hint 1-28: LGTM: Import organization looks good.

The imports are well-organized and necessary for the functionality.


88-91: LGTM: Improved type handling in public key mapping.

The code simplifies the mapping of JsValue to IdentityPublicKeyWithWitnessWasm with better type safety.


Line range hint 133-138: LGTM: Proper compiler configuration.

The CC and CXX environment variables are correctly set to use clang/clang++.

Dockerfile (3)

47-47: LGTM: Alpine version update.

Updating to Alpine 3.21 is a good choice as it has a longer EOL date (November 1, 2026) compared to 3.18 (November 1, 2025).


75-75: LGTM: Added missing curl package.

The addition of curl is necessary for downstream operations in the Dockerfile.


322-322: Verify compatibility with updated wasm-bindgen-cli version.

The update from wasm-bindgen-cli 0.2.86 to 0.2.99 is significant. While this aligns with the changes mentioned in the AI summary, we should verify compatibility.

✅ Verification successful

The wasm-bindgen-cli update is compatible with the codebase

The update from 0.2.86 to 0.2.99 is safe because:

  1. The wasm-bindgen dependency in Cargo.toml is explicitly pinned to version 0.2.99, matching the CLI version
  2. The wasm-bindgen-futures dependency is at 0.4.49 which is compatible with wasm-bindgen 0.2.99
  3. The project uses a custom fork of serde-wasm-bindgen that is designed to work with this version
🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for breaking changes in wasm-bindgen-cli between versions

# Search for wasm-bindgen usage patterns that might be affected
rg -l 'wasm_bindgen' | while read -r file; do
  echo "=== $file ==="
  rg -A 5 'wasm_bindgen' "$file"
done

# Check Cargo.toml files for wasm-bindgen dependency versions
fd Cargo.toml | while read -r file; do
  echo "=== $file ==="
  rg 'wasm-bindgen' "$file"
done

Length of output: 131070


Script:

#!/bin/bash
# Search for wasm-bindgen dependency version in Cargo.toml files
fd Cargo.toml | while read -r file; do
  echo "=== $file ==="
  rg 'wasm-bindgen = ".*"' "$file"
done

# Search for wasm-bindgen-cli usage in build scripts
fd -e rs -e sh -e toml | while read -r file; do
  echo "=== $file ==="
  rg -i 'wasm-bindgen-cli' "$file"
done

Length of output: 131070


Script:

#!/bin/bash
# Search for wasm-bindgen version in package.json and Cargo.toml files
echo "=== Searching package.json for wasm-bindgen-cli version ==="
fd package.json | while read -r file; do
  echo "=== $file ==="
  rg '"wasm-bindgen-cli"' "$file"
done

echo "=== Searching Cargo.toml for wasm-bindgen version ==="
fd Cargo.toml | while read -r file; do
  echo "=== $file ==="
  rg 'wasm-bindgen = ".*"' "$file"
  rg 'wasm-bindgen-cli = ".*"' "$file"
done

# Search for wasm-bindgen usage in build scripts
echo "=== Searching build scripts for wasm-bindgen-cli usage ==="
fd -e sh | while read -r file; do
  echo "=== $file ==="
  rg -i 'wasm-bindgen-cli' "$file"
done

Length of output: 15098


Script:

#!/bin/bash
# Check Dockerfile for wasm-bindgen-cli installation and version
echo "=== Checking Dockerfile for wasm-bindgen-cli installation ==="
rg -A 5 -B 5 'wasm-bindgen-cli' Dockerfile

# Check package.json and Cargo.toml in wasm-dpp package specifically
echo "=== Checking wasm-dpp package dependencies ==="
echo "=== packages/wasm-dpp/package.json ==="
cat packages/wasm-dpp/package.json | rg -i 'wasm-bindgen'
echo "=== packages/wasm-dpp/Cargo.toml ==="
cat packages/wasm-dpp/Cargo.toml | rg -i 'wasm-bindgen'

Length of output: 1821

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants