Update stellar-strkey to 0.0.18#1913
Open
leighmcculloch wants to merge 4 commits into
Open
Conversation
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01XiSfu2MM5xbdGjxj7oXys8
0.0.18 includes the strkey CLI fix (accept owned variant keys for Decoded<Strkey>). It is not yet on crates.io, so temporarily patch stellar-strkey to the release/v0.0.18 branch to validate ahead of the release. Remove the patch once 0.0.18 is published.
leighmcculloch
changed the title
0.0.18 is now published to crates.io, so drop the temporary [patch.crates-io] that pointed stellar-strkey at the release/v0.0.18 git branch (and the matching stellar-cli deny.toml allow-git entry). The dependency now resolves from crates.io.
Contributor
There was a problem hiding this comment.
Pull request overview
Bumps the workspace stellar-strkey dependency to the latest 0.0.18 release line (Protocol 28 track) and refreshes lockfiles to capture the resulting transitive dependency updates (including heapless 0.9.x, crate-git-revision 0.0.9, and zeroize).
Changes:
- Update workspace dependency pin for
stellar-strkeyfrom=0.0.16to=0.0.18. - Regenerate the root
Cargo.lockto reflect updated transitive dependencies. - Regenerate the fuzz sub-workspace lockfile (
tests/fuzz/fuzz/Cargo.lock) to keep it in sync.
Reviewed changes
Copilot reviewed 1 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| Cargo.toml | Pins workspace stellar-strkey to =0.0.18. |
| Cargo.lock | Updates resolved dependency graph for the workspace (incl. heapless 0.9.3, crate-git-revision 0.0.9, zeroize). |
| tests/fuzz/fuzz/Cargo.lock | Mirrors the lockfile updates for the fuzz workspace. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Bump the workspace
stellar-strkeydependency from=0.0.16to=0.0.18and updateCargo.lock(and the fuzztests/fuzz/fuzz/Cargo.lock) accordingly. The transitivestellar-strkey 0.0.13brought in via publishedstellar-xdr 27.0.0is unaffected and remains. The lockfile update also pulls in the transitive dependency changes required by 0.0.17+ (heapless0.8.0 to 0.9.3,crate-git-revision, andzeroize).Why
This adopts the latest
stellar-strkeyrelease, which targets the stellar-strkey release line for protocol 28.cargo check -p soroban-sdkcompiles cleanly against 0.0.18 with no API changes required.This supersedes the earlier 0.0.17 bump: 0.0.17 contained a CLI bug (
Decoded<Strkey>rejected owned JSON keys, breakingstrkey encode), fixed in 0.0.18 by stellar/rs-stellar-strkey#125.Known limitations
N/A
Protocol 28 coordination
This is one of a coordinated set of PRs bumping
stellar-strkeyto 0.0.18 across the Protocol 28 component stack. It is preferred that all Protocol 28 releases of these components depend on the same version ofstellar-strkey:stellar-strkey0.0.18 raises the minimum supported Rust version to 1.87 and updates/adds transitive dependencies (heapless0.9,zeroize), so MSRV and supply-chain policy (cargo-deny / cackle) updates may be required in some repositories before CI is green.