chore(deps): bump comrak from 0.39.0 to 0.45.0 in /backend by dependabot[bot] · Pull Request #184 · atuinsh/desktop

dependabot · 2025-10-27T11:44:22Z

Bumps comrak from 0.39.0 to 0.45.0.

Release notes

v0.45.0

Welcome to v0.45.0! This is a big update, much of them part of from rc.1 from last week. More context on the size of the update in the changelog there.

The biggest library user-facing changes are ergonomic: Node<'a> instead of &'a AstNode<'a>, is nice, and so likewise node.data() instead of node.data.borrow(). They're small, but I appreciate them a lot in my own work.

You'll also notice more bovine creatures in the Comrak pasture: there's a few Cow<str> instead of String, such as in NodeValue::Text. At most an extra .into() will be required; take note if you use any 'static str, as they'll no longer need to be heap-allocated. Some Boxes have been added, too, to reduce the size of every NodeValue. Let the types guide you.

Other than this, the options have been put in their own module (comrak::options), and a lot of things generally cleaned up. Read below for all the deets! Here's the final performance comparison to v0.44.0 on aarch64:
Benchmark 1: ./bench.sh ./comrak-0.44.0
  Time (mean ± σ):      88.1 ms ±   1.9 ms    [User: 71.2 ms, System: 17.8 ms]
  Range (min … max):    86.2 ms …  93.2 ms    31 runs
Benchmark 2: ./bench.sh ./comrak-0.45.0
Time (mean ± σ):      67.0 ms ±   1.2 ms    [User: 51.2 ms, System: 17.0 ms]
Range (min … max):    65.2 ms …  70.0 ms    42 runs
Summary
./bench.sh ./comrak-0.45.0 ran
1.32 ± 0.04 times faster than ./bench.sh ./comrak-0.44.0
Be well!

Parser changes:

Runs of more than two ~ are no longer recognised as valid delimiters, meaning they will not prevent strikethrough recognition when they occur within correct delimiters. See the PR for discussion. (by @miketheman in kivikakk/comrak#635)

This does not impact spec compatibility, matches cmark-gfm, and follows the intent of the original implementation and implementor (hi!).

Changed APIs:

r#unsafe is used instead of unsafe_. (by @kivikakk in kivikakk/comrak#640)

--gemojis is renamed to --gemoji. (by @kivikakk in kivikakk/comrak#641)

NodeValue::Text now contains a Cow<'static, str> instead of a String. This is a pretty major change, but means we can now create text nodes with static content without duplicating the string on the heap. This particularly benefits smart quotes and HTML entity resolution. (by @kivikakk in kivikakk/comrak#627)

Adapting to this change usually means nothing on the read-only side (you can use it as a &str without issues); to write in-place, use .to_mut() on the Cow to get a &mut String. To assign, use .into() on a &str or String, like NodeValue::Text("moo".into()).

NodeValue::text() now returns a &str. It used to return a &String (!).

NodeValue::text_mut() now returns a &mut Cow<'static, str>, instead of a &mut String. This permits writing a borrowed reference.

I am experimenting with parameterising the lifetime on the Cow; it'd be amazing to refer continuously to the input where possible.

NodeValue's CodeBlock, Table, Link, Image, ShortCode and Alert variants' payloads are now boxed. (by @kivikakk in kivikakk/comrak#632)

Adapting to this change usually means adding a Box::new call when constructing these nodes, and on matches, pulling the box out and then just dereferencing it directly (e.g. NodeValue::Table(nt) => &nt.alignments instead of NodeValue::Table(NodeTable { ref alignments }).

These payloads were larger than average, increasing the size of every node considerably. The changes reduce an Ast to 128 bytes, and a full AstNode<'_> to 176 bytes.

This produces a performance sweet spot: boxing the whole NodeValue results in worse performance than doing nothing at all. This change appreciably improves matters.

We now assert the size of a node during build to ensure future payload changes don't increase the total size of an Ast.

Options now live in comrak::options. Structs have been renamed to remove Options from their name: comrak::RenderOptions is now comrak::options::Render, etc. The old names are marked deprecated. (@kivikakk in kivikakk/comrak#636)

Traits cannot be aliased yet :( URLRewriter and BrokenLinkCallback have been moved, without a deprecation period.

SyntaxHighlighterAdapter's attributes arguments now take HashMap<&'static str, Cow<'s, str>>; they used to take HashMap<String, String>. (by @kivikakk in kivikakk/comrak#633)

html::write_opening_tag can now take different AsRef<str> types for the attribute key and value.

parse_document_with_broken_link_callback has been removed! This entrypoint has been deprecated since 0.25.0. (by @kivikakk in kivikakk/comrak#623)

options.render.ignore_setext was moved to options.parse.ignore_setext, as its effect takes place only in the parse stage. (by @kivikakk in kivikakk/comrak#623)

... (truncated)

Changelog

Sourced from comrak's changelog.

[v0.45.0] - 2025-10-23

Welcome to v0.45.0! This is a big update, much of them part of from rc.1 from last week. More context on the size of the update in the changelog there.

The biggest library user-facing changes are ergonomic: Node<'a> instead of &'a AstNode<'a>, is nice, and so likewise node.data() instead of node.data.borrow(). They're small, but I appreciate them a lot in my own work.

You'll also notice more bovine creatures in the Comrak pasture: there's a few Cow<str> instead of String, such as in NodeValue::Text. At most an extra .into() will be required; take note if you use any 'static str, as they'll no longer need to be heap-allocated. Some Boxes have been added, too, to reduce the size of every NodeValue. Let the types guide you.

Other than this, the options have been put in their own module (comrak::options), and a lot of things generally cleaned up. Read below for all the deets! Here's the final performance comparison to v0.44.0 on aarch64:
Benchmark 1: ./bench.sh ./comrak-0.44.0
  Time (mean ± σ):      88.1 ms ±   1.9 ms    [User: 71.2 ms, System: 17.8 ms]
  Range (min … max):    86.2 ms …  93.2 ms    31 runs
Benchmark 2: ./bench.sh ./comrak-0.45.0
Time (mean ± σ):      67.0 ms ±   1.2 ms    [User: 51.2 ms, System: 17.0 ms]
Range (min … max):    65.2 ms …  70.0 ms    42 runs
Summary
./bench.sh ./comrak-0.45.0 ran
1.32 ± 0.04 times faster than ./bench.sh ./comrak-0.44.0
Be well!

Parser changes:

Runs of more than two ~ are no longer recognised as valid delimiters, meaning they will not prevent strikethrough recognition when they occur within correct delimiters. See the PR for discussion. (by @miketheman in kivikakk/comrak#635)

This does not impact spec compatibility, matches cmark-gfm, and follows the intent of the original implementation and implementor (hi!).

Changed APIs:

r#unsafe is used instead of unsafe_. (by @kivikakk in kivikakk/comrak#640)

--gemojis is renamed to --gemoji. (by @kivikakk in kivikakk/comrak#641)

NodeValue::Text now contains a Cow<'static, str> instead of a String. This is a pretty major change, but means we can now create text nodes with static content without duplicating the string on the heap. This particularly benefits smart quotes and HTML entity resolution. (by @kivikakk in kivikakk/comrak#627)

Adapting to this change usually means nothing on the read-only side (you can use it as a &str without issues); to write in-place, use .to_mut() on the Cow to get a &mut String. To assign, use .into() on a &str or String, like NodeValue::Text("moo".into()).

NodeValue::text() now returns a &str. It used to return a &String (!).

NodeValue::text_mut() now returns a &mut Cow<'static, str>, instead of a &mut String. This permits writing a borrowed reference.

I am experimenting with parameterising the lifetime on the Cow; it'd be amazing to refer continuously to the input where possible.

NodeValue's CodeBlock, Table, Link, Image, ShortCode and Alert variants' payloads are now boxed. (by @kivikakk in kivikakk/comrak#632)

Adapting to this change usually means adding a Box::new call when constructing these nodes, and on matches, pulling the box out and then just dereferencing it directly (e.g. NodeValue::Table(nt) => &nt.alignments instead of NodeValue::Table(NodeTable { ref alignments }).

These payloads were larger than average, increasing the size of every node considerably. The changes reduce an Ast to 128 bytes, and a full AstNode<'_> to 176 bytes.

This produces a performance sweet spot: boxing the whole NodeValue results in worse performance than doing nothing at all. This change appreciably improves matters.

We now assert the size of a node during build to ensure future payload changes don't increase the total size of an Ast.

Options now live in comrak::options. Structs have been renamed to remove Options from their name: comrak::RenderOptions is now comrak::options::Render, etc. The old names are marked deprecated. (@kivikakk in kivikakk/comrak#636)

Traits cannot be aliased yet :( URLRewriter and BrokenLinkCallback have been moved, without a deprecation period.

SyntaxHighlighterAdapter's attributes arguments now take HashMap<&'static str, Cow<'s, str>>; they used to take HashMap<String, String>. (by @kivikakk in kivikakk/comrak#633)

html::write_opening_tag can now take different AsRef<str> types for the attribute key and value.

parse_document_with_broken_link_callback has been removed! This entrypoint has been deprecated since 0.25.0. (by @kivikakk in kivikakk/comrak#623)

... (truncated)

Commits

fdb17fc Merge pull request #645 from kivikakk/release/v0.45.0
ed71669 CHANGELOG.md: finish 0.45.0.
ea897a3 CHANGELOG.md: add generated portion.
623ca6c Cargo.toml: v0.45.0.
7d8c2ef refactor.
adafaa1 Merge pull request #644 from kivikakk/push-uqpuzrsoptql
d9d0f81 clean up a little more.
a8698d5 Merge pull request #643 from kivikakk/push-pmwrmnmrspym
2b48d2e whoops! uncomment const.
9f12a78 flake.nix: modernise, add wasm32-unknown-unknown.
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [comrak](https://github.com/kivikakk/comrak) from 0.39.0 to 0.45.0. - [Release notes](https://github.com/kivikakk/comrak/releases) - [Changelog](https://github.com/kivikakk/comrak/blob/main/CHANGELOG.md) - [Commits](kivikakk/comrak@v0.39.0...v0.45.0) --- updated-dependencies: - dependency-name: comrak dependency-version: 0.45.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

greptile-apps

Greptile Overview

Greptile Summary

Dependency update for comrak from 0.39.0 to 0.45.0. This is a significant version jump (6 minor versions) with substantial breaking API changes documented in the comrak release notes, including:

NodeValue::Text now uses Cow<'static, str> instead of String
Options module reorganized to comrak::options
Several NodeValue variants now boxed
SyntaxHighlighterAdapter signature changes

Key Finding: comrak is declared as a direct dependency in Cargo.toml but appears to be unused in the codebase - no imports or usage found in any Rust source files.

Recommendation: Consider removing this dependency entirely if it's not being used. If it's intended for future use, the current update should be safe since there's no existing code to break.

Important Files Changed

File Analysis

Filename	Score	Overview
backend/Cargo.toml	5/5	Updated comrak dependency from 0.39.0 to 0.45.0 - version bump only
backend/Cargo.lock	5/5	Lock file updated with comrak 0.45.0 and its new transitive dependencies (emojis, fmt2io, jetscii), removed unused dependencies (deunicode, slug)

_{1 file reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

dependabot · 2025-11-19T20:40:03Z