From c1003e257f075e1678964cad6d75335503721d8a Mon Sep 17 00:00:00 2001 From: Paul O'Fallon Date: Sat, 30 May 2026 13:00:15 +0000 Subject: [PATCH] build: raise MSRV to 1.95 and refresh lockfile to restore the MSRV gate The `MSRV (cargo check)` CI job was failing on `main`: direct and transitive dependencies now require a newer rustc than the declared 1.85 MSRV (e.g. sysinfo 0.39 -> 1.95, testcontainers 0.27 -> 1.88, etcetera 0.11 -> 1.87), and the MSRV-aware resolver can no longer keep Cargo.lock compatible with 1.85 without impractical downgrades. Raise the floor to match reality rather than pin a large set of deps backward: - Cargo.toml: rust-version 1.85 -> 1.95 (edition 2024 still only needs 1.85; the bump is dependency-driven). - .github/workflows/ci.yml: MSRV job toolchain dtolnay/rust-toolchain@1.85 -> @1.95. - Cargo.lock: regenerated under the new MSRV. This is required, not cosmetic: main's locked sysinfo 0.39.2 still fails under a 1.95 toolchain, while the refreshed 0.39.3 passes. Because the lint CI job runs clippy on `stable` (now 1.95), also allow the `clippy::collapsible_if` lint workspace-wide: clippy 1.95 newly raises it on `if cond { if let .. {} }` patterns (suggesting let-chains) in ~60 places. The nested form is intentional for readability; collapsing everywhere is a large, churny rewrite out of scope here. This keeps `cargo clippy -D warnings` green on 1.95 (pre-existing failure on main once runners ship 1.95). Verified locally: cargo +1.95 check --workspace --all-targets --all-features --locked passes; cargo fmt --all -- --check, cargo clippy --all-targets --all-features --locked -- -D warnings, make test-nextest-fast (2161 passed, 0 failed), and cargo deny check all pass. Co-Authored-By: Claude Opus 4.8 --- .github/workflows/ci.yml | 4 +-- CHANGELOG.md | 12 +++++++++ Cargo.lock | 56 ++++++++++++++++++++-------------------- Cargo.toml | 14 ++++++++-- 4 files changed, 54 insertions(+), 32 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c3db2ce..f3d4283 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -83,8 +83,8 @@ jobs: # Pin to the declared MSRV (rust-version in [workspace.package]). If this # job fails, either fix the offending code or bump rust-version in lockstep. - - name: Install MSRV toolchain (1.85) - uses: dtolnay/rust-toolchain@1.85 + - name: Install MSRV toolchain (1.95) + uses: dtolnay/rust-toolchain@1.95 - name: Cache cargo registry and target uses: actions/cache@v5 diff --git a/CHANGELOG.md b/CHANGELOG.md index a515e53..fd3c47c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,18 @@ The 1.0 release is being assembled across a series of PRs tracked in ## [Unreleased] +### Changed + +- Minimum Supported Rust Version (MSRV) raised from 1.85 to **1.95**. Direct and + transitive dependencies (e.g. `sysinfo` 0.39, `testcontainers` 0.27, `etcetera`) + now require a newer rustc than 1.85, and the MSRV-aware resolver could no longer + keep `Cargo.lock` compatible with 1.85 without impractical downgrades. The CI + `MSRV (cargo check)` job now pins `dtolnay/rust-toolchain@1.95`, and `Cargo.lock` + was regenerated. Restores the green MSRV gate (was failing on `main`). Also + allows the `clippy::collapsible_if` lint workspace-wide, which clippy 1.95 + newly raises on `if cond { if let .. {} }` (suggesting let-chains); the nested + form is kept for readability rather than churning ~60 call sites. + ### Added - `cargo-deny` security gate in CI (`.github/workflows/ci.yml` `security` job), running on PR/push plus a daily 07:00 UTC schedule. Policy defined in diff --git a/Cargo.lock b/Cargo.lock index 6a82702..ec077f8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -417,9 +417,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.62" +version = "1.2.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1dce859f0832a7d088c4f1119888ab94ef4b5d6795d1ce05afb7fe159d79f98" +checksum = "556e016178bb5662a08681bbe0f00f8e17631781a4dfc8c45e466e4b185ec27f" dependencies = [ "find-msvc-tools", "jobserver", @@ -826,9 +826,9 @@ dependencies = [ [[package]] name = "displaydoc" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" +checksum = "1ac70aa55017e108007fbaf5aa0f54b021c98f92ff8af59d42eda9da96e3dd4f" dependencies = [ "proc-macro2", "quote", @@ -1192,9 +1192,9 @@ dependencies = [ [[package]] name = "http" -version = "1.4.0" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3ba2a386d7f85a81f119ad7498ebe444d2e22c2af0b86b069416ace48b3311a" +checksum = "8be7462df143984c4598a256ef469b251d7d7f9e271135073e78fc535414f3d0" dependencies = [ "bytes", "itoa", @@ -1237,9 +1237,9 @@ checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" [[package]] name = "hyper" -version = "1.9.0" +version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6299f016b246a94207e63da54dbe807655bf9e00044f73ded42c3ac5305fbcca" +checksum = "55281c53a1894c864990125767da440a4e630446785086f52523b20033b74498" dependencies = [ "atomic-waker", "bytes", @@ -1601,9 +1601,9 @@ checksum = "68ab91017fe16c622486840e4c83c9a37afeff978bd239b5293d61ece587de66" [[package]] name = "libredox" -version = "0.1.16" +version = "0.1.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e02f3bb43d335493c96bf3fd3a321600bf6bd07ed34bc64118e9293bdffea46c" +checksum = "f02ab6bace2054fb888a3c16f990117b579d14a3088e472d63c6011fa185c9d3" dependencies = [ "libc", ] @@ -1637,9 +1637,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.29" +version = "0.4.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897" +checksum = "616ec5685824bcc94416c6d4a7a446eea774a31efd7062c8480ba6fd06d7a6e5" [[package]] name = "lru-slab" @@ -1685,9 +1685,9 @@ checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3" [[package]] name = "memchr" -version = "2.8.0" +version = "2.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79" +checksum = "6b947ae49db0d222b1dbc6b113ce7248a3fc3a6ca21b696717bfc000ba4484d8" [[package]] name = "mime" @@ -1707,9 +1707,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.2.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" +checksum = "02bd0af71c67b473010cbbc60715ee815645a4dc942899111f494b4b737d6fda" dependencies = [ "libc", "wasi", @@ -2651,9 +2651,9 @@ checksum = "dc6fe69c597f9c37bfeeeeeb33da3530379845f10be461a66d16d03eca2ded77" [[package]] name = "shlex" -version = "1.3.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" +checksum = "f8fadd59c855ef2080decdef8ff161eb6661b86933c9d82e5ba29dc602a55aba" [[package]] name = "signal-hook-registry" @@ -2685,9 +2685,9 @@ checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "socket2" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e" +checksum = "52d1cfed4120b4d927bf7c0f86d2087a4a7d6027c906d9f9d525a80573b9be51" dependencies = [ "libc", "windows-sys 0.61.2", @@ -2767,9 +2767,9 @@ dependencies = [ [[package]] name = "sysinfo" -version = "0.39.2" +version = "0.39.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14311e7e9a03114cd4b65eedd54e8fed2945e17f08586ae97ef53bc0669f9581" +checksum = "21d0d938c10fcda3e897e28aaddf4ab462375d411f4378cd63b1c945f69aba96" dependencies = [ "libc", "memchr", @@ -3199,9 +3199,9 @@ checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" [[package]] name = "typenum" -version = "1.20.0" +version = "1.20.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40ce102ab67701b8526c123c1bab5cbe42d7040ccfd0f64af1a385808d2f43de" +checksum = "b6f5e870be6c3b371b77fe0ee0bafb859fa4964b4404c27de1d380043c4dda20" [[package]] name = "unicode-ident" @@ -3918,18 +3918,18 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.48" +version = "0.8.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9" +checksum = "3b065d4f0e55f82fae73202e189638116a87c55ab6b8e6c2721e13dd9d854ad1" dependencies = [ "zerocopy-derive", ] [[package]] name = "zerocopy-derive" -version = "0.8.48" +version = "0.8.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4" +checksum = "0b631b19d36a892ab55420c92dbc83ccd79274f25be714855d3074aa71cab639" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.toml b/Cargo.toml index d59f090..0517758 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -20,8 +20,10 @@ documentation = "https://github.com/get2knowio/deacon" keywords = ["devcontainer", "containers", "docker", "development", "cli"] categories = ["command-line-utilities", "development-tools"] # Minimum Supported Rust Version. Verified in CI by a dedicated job pinned to -# this exact toolchain. edition 2024 requires >= 1.85. -rust-version = "1.85" +# this exact toolchain. edition 2024 requires >= 1.85; raised to 1.95 because +# direct/transitive dependencies (e.g. sysinfo 0.39, testcontainers 0.27) now +# require a newer rustc than 1.85, and pinning them down is no longer practical. +rust-version = "1.95" [workspace.dependencies] # Pin a version alongside the path so cargo-deny does not flag it as a wildcard dep. @@ -61,6 +63,14 @@ temp-env = { version = "0.3.6", features = ["async_closure"] } # still turns any unguarded `unsafe` into a compile error. unsafe_code = "deny" +[workspace.lints.clippy] +# clippy 1.95 expanded `collapsible_if` to also flag `if cond { if let .. {} }` +# and suggest collapsing into a let-chain (`if cond && let .. {}`). The codebase +# deliberately keeps the nested form in many places for readability; adopting +# let-chains everywhere is a large, churny rewrite out of scope for the MSRV +# bump. Allow the lint so `cargo clippy -D warnings` stays green on 1.95. +collapsible_if = "allow" + [profile.dev] # Lighter debug info than the default (2) for faster incremental links. Was # previously a global `-C debuginfo=1` rustflag in .cargo/config.toml, which