Conversation
Version bumps: - aptos-sdk: 0.3.0 -> 0.4.0 - aptos-sdk-macros: 0.1.0 -> 0.2.0 aptos-sdk 0.4.0 changelog highlights: - Security: Comprehensive audit remediating 21 findings, low-S ECDSA enforcement, hardened keyless JWT verification - Changed: reqwest v0.13, hex -> const-hex, removed async-trait - Performance: Reduced allocations and lock overhead in hot paths - Fixed: Rustdoc warnings, clippy warnings aptos-sdk-macros 0.2.0 changelog highlights: - Security: Non-bypassable path traversal check, identifier validation - Changed: Generated code uses const-hex instead of hex Co-authored-by: Greg Nazario <greg@gnazar.io>
|
Cursor Agent can help with this pull request. Just |
There was a problem hiding this comment.
Pull request overview
Prepares the repository for an SDK release by bumping crate versions and updating changelogs to document the aptos-sdk v0.4.0 and aptos-sdk-macros v0.2.0 release contents (security fixes, dependency updates, and breaking changes).
Changes:
- Bumped
aptos-sdkcrate version to0.4.0and updated its changelog with release notes and a release link. - Bumped
aptos-sdk-macroscrate version to0.2.0, updated workspace dependency version, and added a new changelog for the macros crate. - Updated
Cargo.lockto reflect the new crate versions.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| crates/aptos-sdk/Cargo.toml | Bumps aptos-sdk version to 0.4.0 for release. |
| crates/aptos-sdk/CHANGELOG.md | Adds 0.4.0 release notes and a release link reference. |
| crates/aptos-sdk-macros/Cargo.toml | Bumps aptos-sdk-macros version to 0.2.0 for release. |
| crates/aptos-sdk-macros/CHANGELOG.md | Introduces changelog documenting 0.2.0 security and breaking changes. |
| Cargo.toml | Updates workspace dependency version for aptos-sdk-macros to 0.2.0. |
| Cargo.lock | Updates locked versions for aptos-sdk/aptos-sdk-macros. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Remove incorrect claim that futures dependency was removed (it is still used) - Fix 0.1.0 release link to use sdk-v0.1.0 tag prefix matching the release workflow convention Co-authored-by: Greg Nazario <greg@gnazar.io>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 6 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
cargo publish rejects path-only workspace dependencies (including dev-deps), so aptos-sdk-macros publishing would fail. Adding version = "0.4.0" alongside the path ensures crates.io resolution works correctly. Co-authored-by: Greg Nazario <greg@gnazar.io>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 6 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| [0.1.0]: https://github.com/aptos-labs/aptos-rust-sdk/releases/tag/v0.1.0 | ||
| [0.4.0]: https://github.com/aptos-labs/aptos-rust-sdk/releases/tag/sdk-v0.4.0 | ||
| [0.1.0]: https://github.com/aptos-labs/aptos-rust-sdk/releases/tag/sdk-v0.1.0 |
There was a problem hiding this comment.
The changelog link format for version 0.1.0 has been changed from "v0.1.0" to "sdk-v0.1.0". Ensure that this GitHub release tag actually exists or will be created with this exact format, otherwise the link will be broken.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Bumps
aptos-sdkto v0.4.0 andaptos-sdk-macrosto v0.2.0, updating changelogs to reflect security fixes, dependency upgrades, and breaking changes for release.The
aptos-sdkv0.4.0 release includes comprehensive security audit remediations, ECDSA signature hardening, and migration fromhextoconst-hex.aptos-sdk-macrosv0.2.0 introduces breaking changes in generated code to align withconst-hexand adds security hardening for path traversal and identifier validation.