feat: agents release workflow #7194

paulbalaji · 2025-10-13T16:18:56Z

Description

feat: agents release workflow

the idea is to have a changesets-like experience, where commits to main automatically update an agent release PR. then when we want to do the release, we can simply approve/merge the release PR - which will then trigger the gh tag/release creation on the merge to main. the workflow can also be run manually for easier creation of beta/prelease versions

here's an agents release runbook describing the workflow + release process: https://www.notion.so/hyperlanexyz/Agents-Release-Process-28c6d35200d680fbb82ad663124b1f8e?source=copy_link

Drive-by changes

fix gh tag propagation to agent docker image
use cargo.toml to track versions
format hyperlane-merics cargo toml

Related issues

https://linear.app/hyperlane-xyz/issue/ENG-2446/automate-agents-release-workflow

Backward compatibility

Testing

temporarily adjusted the workflow triggers to get a temp release PR release: agents v1.6.0 #7192
temporarily adjusted publish conditions to trigger a rc tagging https://github.com/hyperlane-xyz/hyperlane-monorepo/actions/runs/18474978538
verified that this triggered an agent image build with the tag correctly propagated through https://github.com/hyperlane-xyz/hyperlane-monorepo/actions/runs/18474661595/job/52636396645#step:4:50

Summary by CodeRabbit

New Features
- Automated release pipeline: computes next semantic version, creates release PRs with workspace and per-workspace changelogs, and publishes tagged GitHub releases with prerelease support and contributor notes.
- Enhanced image tagging: derives and validates semver from tags, emits stable and preview semver image tags appropriately.
- New release utilities: scripts to determine next version, get latest release tag, read/update workspace version, and generate changelogs.
Chores
- Workspace version bumped to 1.5.0.
- Restored workspace dependency resolution flag.

changeset-bot · 2025-10-13T16:19:00Z

⚠️ No Changeset found

Latest commit: 844744d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

codecov · 2025-10-13T16:20:41Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.00%. Comparing base (94f15e6) to head (844744d).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@         Coverage Diff          @@
##           main   #7194   +/-   ##
====================================
  Coverage      0   0.00%           
====================================
  Files         0       1    +1     
  Lines         0      14   +14     
====================================
- Misses        0      14   +14

Components	Coverage Δ
core	`∅ <ø> (∅)`
hooks	`∅ <ø> (∅)`
isms	`∅ <ø> (∅)`
token	`∅ <ø> (∅)`
middlewares	`∅ <ø> (∅)`

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

.github/workflows/rust-release.yml

coderabbitai · 2025-10-14T12:08:09Z

Warning

Rate limit exceeded

@paulbalaji has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 12 minutes and 45 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 791b9d4 and 844744d.

📒 Files selected for processing (1)

.github/workflows/rust-release.yml (1 hunks)

📝 Walkthrough

Walkthrough

This change adds a Rust release pipeline: a new GitHub Actions release workflow, enhances Docker tag SEMVER extraction for tag events, bumps workspace version and fixes a workspace dependency flag, and adds CI scripts to compute next versions and generate/update workspace changelogs.

Changes

Cohort / File(s)	Summary
GitHub Actions — Docker workflow `\.github/workflows/rust-docker\.yml`	Enhanced tag-data generation: strip `agents-`/`v`, validate three-part numeric semver, emit `SEMVER` and `IS_STABLE`, and add conditional Docker metadata semver tags for tag events (stable/unstable gating).
GitHub Actions — Release workflow `\.github/workflows/rust-release\.yml`	New "Rust Agent Release" workflow with jobs `check-release-status`, `release-pr`, and `publish`; detects changes, computes next version, generates changelogs, updates workspace version/lockfiles, opens/updates a release PR, and creates Git tags/releases with prerelease handling and contributor notes.
Workspace metadata `rust/main/Cargo.toml`, `rust/main/hyperlane-metric/Cargo.toml`	Bumped `workspace.package.version` from `0.1.0` to `1.5.0`; restored `url.workspace = true` for the `url` dependency.
Release orchestration scripts `rust/scripts/ci/determine-next-version\.sh`, `rust/scripts/ci/generate-workspace-changelog\.sh`, `rust/scripts/ci/get-latest-agents-tag\.sh`, `rust/scripts/ci/get-workspace-version\.sh`, `rust/scripts/ci/update-workspace-version\.sh`	Add scripts to compute next semver from commits (including BREAKING CHANGE), generate per-workspace changelogs and optionally write them, fetch latest `agents-v*` tag, read the workspace version from Cargo.toml, and update the workspace version in Cargo.toml.

Sequence Diagram(s)

sequenceDiagram
    participant GH as GitHub Actions
    participant Check as check-release-status
    participant PR as release-pr
    participant Pub as publish
    participant Git as Git
    participant GHCLI as gh

    GH->>Check: trigger (push / workflow_dispatch)
    Check->>Git: list tags (agents-v*)
    Check->>Git: read workspace version (get-workspace-version.sh)
    Check-->>GH: outputs has_changes, should_release

    alt has_changes == true
        GH->>PR: run release-pr
        PR->>PR: determine-next-version.sh (compute next semver)
        PR->>PR: generate-workspace-changelog.sh (per-workspace changelogs)
        PR->>Git: update Cargo.toml & Cargo.lock
        PR->>GHCLI: create/update release PR (release-agents-v<NEW_VERSION>)
    end

    alt should_release == true && on main
        GH->>Pub: run publish
        Pub->>PR: compute final version (prerelease handling)
        Pub->>Git: create & push tag agents-v<version>
        Pub->>GHCLI: create GitHub Release (notes + contributors)
    end

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Focus areas:

rust/scripts/ci/determine-next-version.sh (conventional-commit parsing, BREAKING CHANGE detection, bump logic)
rust/scripts/ci/generate-workspace-changelog.sh (mapping files to workspace members, safe file I/O and prepends)
Workflow conditionals/outputs (has_changes, should_release, prerelease logic) and Docker SEMVER extraction logic
Release tagging/creation steps (guardrails against existing tags/releases)

Suggested reviewers

kamiyaa
Mo-Hussain
yjamin

Poem

A tag, a script, a changelog cheer,
Versions climb and pranks appear,
Bumps and tags march in a row,
PRs dance, then releases go,
Pipeline hums — let's off we steer 🚜

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'feat: agents release workflow' directly and clearly summarizes the main change—adding an automated release workflow for agents.
Description check	✅ Passed	The description covers all required template sections with meaningful content: Description explains the feature, Drive-by changes lists three improvements, Related issues links the linear ticket, and Testing details validation steps.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/rust-release.yml (1)

7-7: Remove testing branch from triggers before merge

Keep the porch tidy; drop pb/rust-release-cargo in final merge.

🧹 Nitpick comments (6)

rust/scripts/generate-workspace-changelog.sh (4)

83-83: Harden trap expansion

Quote expansion at signal time, not now.
-trap "rm -rf $TEMP_DIR" EXIT
+trap 'rm -rf "$TEMP_DIR"' EXIT
Based on shellcheck SC2064.

146-147: Avoid masking return values with inline assignment

Declare then assign for clarity.
-    local workspace_file=$(echo "$workspace" | tr '/' '_')
+    local workspace_file
+    workspace_file=$(echo "$workspace" | tr '/' '_')
As per shellcheck SC2155.

153-156: Drop unused field, simplify read

You don’t use the workspace field; read into a dummy and keep the message.
-        sort -u "$TEMP_DIR/$workspace_file" | while IFS='|' read -r ws msg; do
-            echo "* $msg"
-        done
+        sort -u "$TEMP_DIR/$workspace_file" | while IFS='|' read -r _ msg; do
+            echo "* $msg"
+        done
Based on shellcheck SC2034.

122-126: Prefer string prefix match over regex here

Safer if member names ever include regex meta; reads clearer.
-            if [[ "$file" =~ ^"$member"(/|$) ]]; then
+            if [[ "$file" == "$member" || "$file" == "$member/"* ]]; then

.github/workflows/rust-release.yml (2)

289-294: Don’t assume the “release” label exists

gh pr create fails if the label is missing. Either pre-create the label or omit the flag.

-            gh pr create \
-              --title "release: agents v${NEW_VERSION}" \
-              --body "$PR_BODY" \
-              --base main \
-              --head "$BRANCH_NAME" \
-              --label "release" \
-              --draft
+            gh pr create \
+              --title "release: agents v${NEW_VERSION}" \
+              --body "$PR_BODY" \
+              --base main \
+              --head "$BRANCH_NAME" \
+              --draft

362-376: Stable vs prerelease changelog base tag

git describe will pick the latest tag (including prereleases). For stable releases you likely want the last stable tag so notes cover the whole cycle, not just since the last beta.

-          PREV_TAG=$(git describe --tags --abbrev=0 --match "agents-v*" 2>/dev/null || echo "")
+          if [ "$IS_PRERELEASE" = "true" ]; then
+            # For prereleases, diff from latest prerelease or stable
+            PREV_TAG=$(git describe --tags --abbrev=0 --match "agents-v*" 2>/dev/null || echo "")
+          else
+            # For stable, diff from latest stable tag only
+            PREV_TAG=$(git tag -l "agents-v*" --sort=-version:refname | grep -E "^agents-v[0-9]+\.[0-9]+\.[0-9]+$" | head -1 || echo "")
+          fi

This keeps the swamp water clear for stable notes.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6ef5f44 and 5f31821.

⛔ Files ignored due to path filters (2)

rust/main/Cargo.lock is excluded by !**/*.lock
rust/sealevel/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

.github/workflows/rust-docker.yml (1 hunks)
.github/workflows/rust-release.yml (1 hunks)
rust/main/Cargo.toml (1 hunks)
rust/main/hyperlane-metric/Cargo.toml (1 hunks)
rust/scripts/generate-workspace-changelog.sh (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

34-34: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

99-99: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

310-310: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🪛 Shellcheck (0.11.0)

rust/scripts/generate-workspace-changelog.sh

[warning] 83-83: Use single quotes, otherwise this expands now rather than when signalled.

(SC2064)

[warning] 146-146: Declare and assign separately to avoid masking return values.

(SC2155)

[warning] 153-153: ws appears unused. Verify use (or export if used externally).

(SC2034)

🔇 Additional comments (3)

rust/main/hyperlane-metric/Cargo.toml (1)

18-18: Dependency key fix looks good

Shiny and simple. The workspace inheritance shorthand is valid here.

rust/main/Cargo.toml (1)

36-36: Workspace version bump acknowledged

Lines up with the release flow that keys off workspace.package.version.

Double-check sealevel or other sibling workspaces don’t hard-code versions that should track this bump.

.github/workflows/rust-release.yml (1)

34-34: Verify custom runner label availability

depot-ubuntu-latest isn’t a standard GitHub runner label. If it’s self-hosted, all good; if not, switch to ubuntu-latest.

Also applies to: 99-99, 310-310

.github/workflows/rust-docker.yml

coderabbitai

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f31821 and 96193a6.

📒 Files selected for processing (1)

.github/workflows/rust-docker.yml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (52)

GitHub Check: cli-install-test
GitHub Check: infra-test
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: build-and-push-to-gcr
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: lander-coverage
GitHub Check: lint-rs
GitHub Check: test-rs

.github/workflows/rust-docker.yml

coderabbitai

Actionable comments posted: 2

🧹 Nitpick comments (2)

.github/workflows/rust-docker.yml (2)
49-53: Small hardening: fail fast in taggen

Add set -euo pipefail to catch script hiccups early. Saves you from stepping in muck later.
       - name: Generate tag data
         id: taggen
         run: |
-          echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> $GITHUB_OUTPUT
+          set -euo pipefail
+          echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> $GITHUB_OUTPUT
96-99: Confirm intent: pushing images on PRs

push: true applies to PRs too (when secrets available). Is that desired, or should PRs build only? If needed, condition push by event type.

Example tweak:
-          push: true
+          push: ${{ github.event_name != 'pull_request' || secrets.GCLOUD_SERVICE_KEY != '' }}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 96193a6 and eac330b.

📒 Files selected for processing (1)

.github/workflows/rust-docker.yml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (55)

GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (warp-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: coverage-run
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: yarn-test-run
GitHub Check: cli-install-test-run
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: yarn-install
GitHub Check: build-and-push-to-gcr
GitHub Check: Socket Security: Pull Request Alerts
GitHub Check: lint-rs
GitHub Check: lander-coverage
GitHub Check: test-rs

.github/workflows/rust-docker.yml

coderabbitai

Actionable comments posted: 0

🧹 Nitpick comments (2)

.github/workflows/rust-docker.yml (2)
51-53: Good guard rails; tiny nit on consistency

Nice touch with the strict shell flags. Consider quoting $GITHUB_OUTPUT everywhere for consistency.
-echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> $GITHUB_OUTPUT
-echo "TAG_SHA=$(echo '${{ github.event.pull_request.head.sha || github.sha }}' | cut -b 1-7)" >> $GITHUB_OUTPUT
+echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> "$GITHUB_OUTPUT"
+echo "TAG_SHA=$(echo '${{ github.event.pull_request.head.sha || github.sha }}' | cut -b 1-7)" >> "$GITHUB_OUTPUT"
54-64: Tighten SEMVER validation to avoid accidental junk

Current regex will accept 1.2.3foo. Let’s bound it to valid semver with optional pre-release/build metadata.
-# Basic semver guard (allows prerelease/build metadata)
-if echo "$NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+'; then
-  echo "SEMVER=$NAME" >> $GITHUB_OUTPUT
-fi
+# Basic semver guard (allows prerelease/build metadata)
+# e.g. 1.2.3, 1.2.3-rc.1, 1.2.3+build.5, 1.2.3-rc.1+build.5
+if echo "$NAME" | grep -Eq '^[0-9]+(\.[0-9]+){2}(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$'; then
+  echo "SEMVER=$NAME" >> "$GITHUB_OUTPUT"
+fi

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eac330b and b04a112.

📒 Files selected for processing (1)

.github/workflows/rust-docker.yml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (51)

GitHub Check: infra-test
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (warp-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: build-and-push-to-gcr
GitHub Check: lander-coverage
GitHub Check: e2e-matrix (sealevel)
GitHub Check: lint-rs
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: test-rs

🔇 Additional comments (1)

.github/workflows/rust-docker.yml (1)

76-78: Enable logic looks solid

Gating semver tags on tag events and a non-empty SEMVER keeps the swamp clean. LGTM.

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/rust-release.yml (1)
7-7: Remove testing branch before merge

Keep main clean; drop the test branch trigger.
-      - pb/rust-release-cargo # for testing

🧹 Nitpick comments (11)

.github/workflows/rust-docker.yml (1)

51-70: Tiny hardening: quote outputs and vars

Looks solid, swamp’s drained. Add quotes for $GITHUB_OUTPUT and NAME to silence shellcheck and avoid odd edge cases.

-          set -euo pipefail
-          echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> $GITHUB_OUTPUT
-          echo "TAG_SHA=$(echo '${{ github.event.pull_request.head.sha || github.sha }}' | cut -b 1-7)" >> $GITHUB_OUTPUT
+          set -euo pipefail
+          echo "TAG_DATE=$(date +'%Y%m%d-%H%M%S')" >> "$GITHUB_OUTPUT"
+          echo "TAG_SHA=$(echo '${{ github.event.pull_request.head.sha || github.sha }}' | cut -b 1-7)" >> "$GITHUB_OUTPUT"
           # For tag events, derive pure semver:
-          if [ "${{ github.ref_type }}" = "tag" ]; then
-            NAME="${{ github.ref_name }}"
+          if [ "${{ github.ref_type }}" = "tag" ]; then
+            NAME="${{ github.ref_name }}"
             # Strip agents- prefix and any leading v
-            NAME="${NAME#agents-}"
-            NAME="${NAME#v}"
+            NAME="${NAME#agents-}"
+            NAME="${NAME#v}"
             # Basic semver guard (allows prerelease/build metadata)
             if echo "$NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+'; then
-              echo "SEMVER=$NAME" >> $GITHUB_OUTPUT
+              echo "SEMVER=$NAME" >> "$GITHUB_OUTPUT"
               # Check if this is a stable release (no prerelease suffix like -beta, -rc, -alpha)
               if echo "$NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$'; then
-                echo "IS_STABLE=true" >> $GITHUB_OUTPUT
+                echo "IS_STABLE=true" >> "$GITHUB_OUTPUT"
               else
-                echo "IS_STABLE=false" >> $GITHUB_OUTPUT
+                echo "IS_STABLE=false" >> "$GITHUB_OUTPUT"
               fi
             fi
           fi

rust/scripts/generate-workspace-changelog.sh (5)

82-84: Fix trap quoting to avoid early expansion

Quote the temp dir in trap; avoids hiccups if TMPDIR contains spaces and silences SC2064.
-TRAP_CMD="rm -rf $TEMP_DIR"
-trap "rm -rf $TEMP_DIR" EXIT
+trap 'rm -rf "$TEMP_DIR"' EXIT
Based on static analysis hints

108-115: Quote and use “--” consistently for pathspecs

Safer to quote the commit range and keep the path separator explicit. Also quote variables in subshells.
-git log --no-merges --format="%H" $COMMIT_RANGE -- rust/main | while read -r commit_hash; do
+git log --no-merges --format='%H' "$COMMIT_RANGE" -- rust/main | while read -r commit_hash; do
     # Get commit message
-    commit_msg=$(git log -1 --format="%s" "$commit_hash")
+    commit_msg="$(git log -1 --format='%s' "$commit_hash")"
Based on static analysis hints

146-156: Minor: avoid masking return values and unused var warning

Split declare/assign and drop the unused “ws” var to appease shellcheck; function behavior unchanged.
-generate_workspace_changelog() {
+generate_workspace_changelog() {
     local workspace="$1"
     local include_header="${2:-true}"  # Default to including header
-    local workspace_file=$(echo "$workspace" | tr '/' '_')
+    local workspace_file
+    workspace_file="$(echo "$workspace" | tr '/' '_')"
@@
-        sort -u "$TEMP_DIR/$workspace_file" | while IFS='|' read -r ws msg; do
-            echo "* $msg"
+        sort -u "$TEMP_DIR/$workspace_file" | while IFS='|' read -r _ msg; do
+            echo "* $msg"
         done
Based on static analysis hints

85-87: Parsing Cargo.toml is brittle; consider cargo metadata

Grepping the members array can drift if formatting changes. Using cargo metadata -Z unstable-options --format-version 1 is sturdier. Optional, but future‑proofs the bog.

130-140: Commit message delimiter risk

If a commit message contains “|”, the split will misbehave. Low risk, but you can use a NUL sep or serialize as JSON to dodge surprises.

.github/workflows/rust-release.yml (5)

136-139: Don’t bump minor on “chore”

Classifying “chore” as minor will over‑inflate versions. Suggest limiting minor to feat/refactor/perf, keep chore as patch.

-            elif echo "$commit" | grep -qE "^[a-f0-9]+ (feat|refactor|perf|chore)(\(.+\))?:"; then
+            elif echo "$commit" | grep -qE "^[a-f0-9]+ (feat|refactor|perf)(\(.+\))?:"; then
               HAS_MINOR=true

248-297: Ensure gh CLI and “release” label availability

On non‑standard runners, gh may be missing and the “release” label might not exist. Add a quick install/check and create the label if needed to avoid a muddy bog mid‑run.

       - name: Create or update release PR
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NEW_VERSION: ${{ steps.next_version.outputs.new_version }}
           BUMP_TYPE: ${{ steps.next_version.outputs.bump_type }}
           CHANGELOG: ${{ steps.changelog.outputs.changelog }}
         run: |
+          if ! command -v gh >/dev/null 2>&1; then
+            echo "gh CLI not found"; exit 1
+          fi
+          # Ensure label exists
+          gh api repos/${{ github.repository }}/labels --method GET --jq '.[].name' | grep -qx 'release' || \
+            gh api repos/${{ github.repository }}/labels --method POST -f name='release' -f color='5319e7' -f description='Release PRs' >/dev/null 2>&1 || true

407-416: Make tag/release creation idempotent

Re‑runs will fail if the tag or release exists. Guard to skip gracefully.

-          # Create tag and GitHub release
-          git tag -a "$TAG_NAME" -m "$RELEASE_TYPE $TAG_NAME"
-          git push origin "$TAG_NAME"
-
-          gh release create "$TAG_NAME" \
-            --title "$TITLE" \
-            --notes "$CHANGELOG" \
-            $PRERELEASE_FLAG \
-            --repo "${{ github.repository }}"
+          # Create tag and GitHub release (idempotent)
+          if git rev-parse -q --verify "refs/tags/$TAG_NAME" >/dev/null; then
+            echo "Tag $TAG_NAME already exists, skipping tag creation"
+          else
+            git tag -a "$TAG_NAME" -m "$RELEASE_TYPE $TAG_NAME"
+            git push origin "$TAG_NAME"
+          fi
+          if gh release view "$TAG_NAME" --repo "${{ github.repository }}" >/dev/null 2>&1; then
+            echo "Release $TAG_NAME already exists, skipping"
+          else
+            gh release create "$TAG_NAME" \
+              --title "$TITLE" \
+              --notes "$CHANGELOG" \
+              $PRERELEASE_FLAG \
+              --repo "${{ github.repository }}"
+          fi

20-23: Consider cancel-in-progress=true

For rapid pushes, canceling in‑flight runs keeps the ogre’s hut tidy and avoids dueling PR updates.

72-75: Robust version parse from Cargo.toml

Grep/awk works, but if the stanza shifts, it’ll break. Optional: parse via tomlq (yq 4 + toml) or a tiny jq/toml python. Not a blocker.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4a50585 and 076c37e.

⛔ Files ignored due to path filters (2)

rust/main/Cargo.lock is excluded by !**/*.lock
rust/sealevel/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

.github/workflows/rust-docker.yml (2 hunks)
.github/workflows/rust-release.yml (1 hunks)
rust/main/Cargo.toml (1 hunks)
rust/main/hyperlane-metric/Cargo.toml (1 hunks)
rust/scripts/generate-workspace-changelog.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

rust/main/Cargo.toml
rust/main/hyperlane-metric/Cargo.toml

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

35-35: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

48-48: shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting

(shellcheck)

48-48: shellcheck reported issue in this script: SC2086:info:14:32: Double quote to prevent globbing and word splitting

(shellcheck)

48-48: shellcheck reported issue in this script: SC2086:info:17:33: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:3:44: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:10:29: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:12:33: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2001:style:14:20: See if you can use ${variable//search/replace} instead

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:15:44: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:20:35: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:23:36: Double quote to prevent globbing and word splitting

(shellcheck)

100-100: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

115-115: shellcheck reported issue in this script: SC2086:info:54:36: Double quote to prevent globbing and word splitting

(shellcheck)

115-115: shellcheck reported issue in this script: SC2086:info:55:32: Double quote to prevent globbing and word splitting

(shellcheck)

176-176: shellcheck reported issue in this script: SC2086:info:25:6: Double quote to prevent globbing and word splitting

(shellcheck)

238-238: shellcheck reported issue in this script: SC2086:info:48:34: Double quote to prevent globbing and word splitting

(shellcheck)

303-303: shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

303-303: shellcheck reported issue in this script: SC2086:info:1:53: Double quote to prevent globbing and word splitting

(shellcheck)

303-303: shellcheck reported issue in this script: SC2086:info:2:12: Double quote to prevent globbing and word splitting

(shellcheck)

303-303: shellcheck reported issue in this script: SC2086:info:3:52: Double quote to prevent globbing and word splitting

(shellcheck)

303-303: shellcheck reported issue in this script: SC2086:info:4:69: Double quote to prevent globbing and word splitting

(shellcheck)

311-311: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

327-327: shellcheck reported issue in this script: SC2001:style:16:18: See if you can use ${variable//search/replace} instead

(shellcheck)

327-327: shellcheck reported issue in this script: SC2086:info:90:59: Double quote to prevent globbing and word splitting

(shellcheck)

327-327: shellcheck reported issue in this script: SC2086:info:91:87: Double quote to prevent globbing and word splitting

(shellcheck)

327-327: shellcheck reported issue in this script: SC2086:info:92:12: Double quote to prevent globbing and word splitting

(shellcheck)

327-327: shellcheck reported issue in this script: SC2086:info:93:97: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 Shellcheck (0.11.0)

rust/scripts/generate-workspace-changelog.sh

[warning] 83-83: Use single quotes, otherwise this expands now rather than when signalled.

(SC2064)

[warning] 146-146: Declare and assign separately to avoid masking return values.

(SC2155)

[warning] 153-153: ws appears unused. Verify use (or export if used externally).

(SC2034)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (53)

GitHub Check: cli-install-test
GitHub Check: infra-test
GitHub Check: Update Release PR
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: build-and-push-to-gcr
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: e2e-matrix (evm)
GitHub Check: lint-rs
GitHub Check: lander-coverage
GitHub Check: test-rs

🔇 Additional comments (2)

.github/workflows/rust-docker.yml (1)

82-85: Enable guards look right; one small tweak for prereleases

Great gating. If you ever want prereleases to also publish full {{version}} (they do now) but not {{major}}.{{minor}} (already guarded), you’re set. No change needed—calling it out so it’s intentional.

.github/workflows/rust-release.yml (1)

35-35: Runner label verification

“depot-ubuntu-latest” isn’t a standard GitHub label. If it’s self‑hosted, all good; otherwise switch to ubuntu‑latest.

Would you like a patch to add a matrix or fallback to ubuntu-latest?

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/rust-release.yml (1)
7-7: Remove test branch before merging.

Line 7 includes pb/rust-release-cargo for testing, with a past comment noting this should be removed. Strip this branch so the workflow only runs on main and manual dispatch.
  push:
    branches:
      - main
-     - pb/rust-release-cargo # for testing
    paths:

🧹 Nitpick comments (2)

rust/scripts/generate-workspace-changelog.sh (2)
82-83: Trap quoting style—prefer single quotes to defer expansion.

Shellcheck flags the double-quoted trap string (SC2064): "rm -rf $TEMP_DIR" expands $TEMP_DIR now, not when the trap fires. While not a functional issue here (variable's set before the trap), follow the pattern and use single quotes so the variable expands at trap-fire time:
-trap "rm -rf $TEMP_DIR" EXIT
+trap 'rm -rf "$TEMP_DIR"' EXIT
146-146: Separate local declaration and assignment for better error handling.

Shellcheck SC2155 flags combining local with assignment: if the command fails, local still succeeds and masks the error. Separate them (best practice):
-    local workspace_file=$(echo "$workspace" | tr '/' '_')
+    local workspace_file
+    workspace_file=$(echo "$workspace" | tr '/' '_')

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 076c37e and 79ac150.

⛔ Files ignored due to path filters (2)

rust/main/Cargo.lock is excluded by !**/*.lock
rust/sealevel/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

.github/workflows/rust-docker.yml (2 hunks)
.github/workflows/rust-release.yml (1 hunks)
rust/main/Cargo.toml (1 hunks)
rust/main/hyperlane-metric/Cargo.toml (1 hunks)
rust/scripts/generate-workspace-changelog.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

rust/main/Cargo.toml
rust/main/hyperlane-metric/Cargo.toml

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

35-35: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

100-100: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

311-311: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🪛 Shellcheck (0.11.0)

rust/scripts/generate-workspace-changelog.sh

[warning] 83-83: Use single quotes, otherwise this expands now rather than when signalled.

(SC2064)

[warning] 146-146: Declare and assign separately to avoid masking return values.

(SC2155)

[warning] 153-153: ws appears unused. Verify use (or export if used externally).

(SC2034)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (54)

GitHub Check: infra-test
GitHub Check: Update Release PR
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: cli-install-test-run
GitHub Check: build-and-push-to-gcr
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: lint-rs
GitHub Check: test-rs
GitHub Check: lander-coverage

🔇 Additional comments (5)

.github/workflows/rust-docker.yml (1)

51-85: Solid semver setup — tag data generation looks well-guarded.

The conditional SEMVER extraction (tag events only) and IS_STABLE derivation (exact three-part semver with no prerelease suffix) are properly scoped. The enable conditions correctly gate the semver tags to tag events with valid SEMVER and stability flags. Prior commits addressed the stripping and validation, and the current state reflects those fixes cleanly.

.github/workflows/rust-release.yml (4)

50-96: Check-release-status logic is solid.

Version comparison (current vs. latest tag) and commit detection are correct. The tag extraction pattern is repeated throughout the workflow—consider extracting it to a reusable variable or shared action in future refactors, but not required for this PR.

110-204: Release PR creation—conventional commit parsing and changelog flow look good.

Version bumping via conventional commits is implemented cleanly (breaking/feat/fix → major/minor/patch). The two-call pattern for changelog generation (unified for PR body, then per-workspace files) is sound. Cargo.lock updates and PR body construction are well-structured.

309-419: Publish logic handles pre-releases and stable releases cleanly.

Manual dispatch triggers pre-release with optional suffix or auto-incrementing beta.N. The commit range handling (HEAD~1 for stable to exclude version bump) is thoughtful. New contributors extraction via GitHub API and release creation via gh CLI are solid patterns.

35-36: Runner label flagged by linter—verify it's configured.

Actionlint flags depot-ubuntu-latest as an unknown GitHub runner label. This is expected if it's a custom self-hosted runner (e.g., via Depot). Ensure your actionlint config (if present) or CI knows about this label; otherwise, the workflow may fail at runtime. If not intentional, switch to a standard label like ubuntu-latest.

Also applies to: 100-101, 311-312

rust/scripts/generate-workspace-changelog.sh

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/rust-release.yml (1)

7-7: 🛑 Remove test branch before merging. Line 7 includes pb/rust-release-cargo as a trigger branch—this was flagged in a past comment as a temporary testing branch that should be removed before the PR is merged.

🧹 Nitpick comments (2)

rust/scripts/ci/generate-workspace-changelog.sh (1)
142-157: Minor: Separate declaration and assignment for cleaner style. Line 146 declares and assigns workspace_file in one go—nothing wrong with it functionally, but shellcheck (SC2155) prefers separating declaration from assignment to catch return value issues in command substitutions. You could do:
  generate_workspace_changelog() {
      local workspace="$1"
      local include_header="${2:-true}"
-     local workspace_file=$(echo "$workspace" | tr '/' '_')
+     local workspace_file
+     workspace_file=$(echo "$workspace" | tr '/' '_')
Since this is inside a function, the risk is low, but it's a reasonable refactor for consistency.
.github/workflows/rust-release.yml (1)
98-247: release-pr job: solid flow, one note on scripting. The job flow is logical—determine next version, generate changelog, update version/locks, create/update PR. A few observations:

Line 165–166: You're trying cargo update --offline and falling back to online. That's defensive, but in a CI environment with fresh containers, offline mode typically won't work. Consider simplifying to just cargo update --workspace (the offline flag is an optimization you can explore later if lock sync becomes slow).

Line 189: The glob pattern rust/main/*/CHANGELOG.md rust/main/*/*/CHANGELOG.md covers all workspace members (confirmed in past review). That's correct.

PR naming & body (lines 219–238): Nice use of gh CLI to check for existing PRs and update vs. create. The draft PR + auto-messaging is clean.
- cargo update --workspace --offline 2>/dev/null || cargo update --workspace
+ cargo update --workspace
Repeated twice (lines 165, 170). This removes the offline fallback, which almost never works in ephemeral CI runners and just adds noise. You can drop it.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 322c54b and 957dfee.

⛔ Files ignored due to path filters (2)

rust/main/Cargo.lock is excluded by !**/*.lock
rust/sealevel/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (9)

.github/workflows/rust-docker.yml (2 hunks)
.github/workflows/rust-release.yml (1 hunks)
rust/main/Cargo.toml (1 hunks)
rust/main/hyperlane-metric/Cargo.toml (1 hunks)
rust/scripts/ci/determine-next-version.sh (1 hunks)
rust/scripts/ci/generate-workspace-changelog.sh (1 hunks)
rust/scripts/ci/get-latest-agents-tag.sh (1 hunks)
rust/scripts/ci/get-workspace-version.sh (1 hunks)
rust/scripts/ci/update-workspace-version.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

rust/scripts/ci/get-latest-agents-tag.sh
rust/main/Cargo.toml
rust/scripts/ci/get-workspace-version.sh
.github/workflows/rust-docker.yml

🧰 Additional context used

🧠 Learnings (10)

📓 Common learnings

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/scraper/**/src/**/*.rs : Maintain scraper agent Rust sources under rust/main/agents/scraper

Applied to files:

rust/scripts/ci/generate-workspace-changelog.sh
.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/relayer/**/src/**/*.rs : Maintain relayer agent Rust sources under rust/main/agents/relayer

Applied to files:

rust/scripts/ci/generate-workspace-changelog.sh
.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/validator/**/src/**/*.rs : Maintain validator agent Rust sources under rust/main/agents/validator

Applied to files:

rust/scripts/ci/generate-workspace-changelog.sh
.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

rust/scripts/ci/generate-workspace-changelog.sh
.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

rust/scripts/ci/generate-workspace-changelog.sh
.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}/**/src/**/*.rs : Keep chain support implementations within rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}

Applied to files:

.github/workflows/rust-release.yml
rust/main/hyperlane-metric/Cargo.toml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/config/** : Store all chain configuration files under rust/main/config so agents can auto-discover them

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:45:52.227Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/{hyperlane-core,hyperlane-base}/**/src/**/*.rs : Keep shared Rust core crates in rust/main/{hyperlane-core,hyperlane-base}

Applied to files:

.github/workflows/rust-release.yml
rust/main/hyperlane-metric/Cargo.toml

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

35-35: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

48-48: shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting

(shellcheck)

48-48: shellcheck reported issue in this script: SC2086:info:14:32: Double quote to prevent globbing and word splitting

(shellcheck)

48-48: shellcheck reported issue in this script: SC2086:info:17:33: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:3:44: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:10:29: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:12:33: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2001:style:14:20: See if you can use ${variable//search/replace} instead

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:15:44: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:20:35: Double quote to prevent globbing and word splitting

(shellcheck)

71-71: shellcheck reported issue in this script: SC2086:info:23:36: Double quote to prevent globbing and word splitting

(shellcheck)

100-100: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

114-114: shellcheck reported issue in this script: SC2086:info:6:36: Double quote to prevent globbing and word splitting

(shellcheck)

114-114: shellcheck reported issue in this script: SC2086:info:7:32: Double quote to prevent globbing and word splitting

(shellcheck)

127-127: shellcheck reported issue in this script: SC2086:info:25:6: Double quote to prevent globbing and word splitting

(shellcheck)

178-178: shellcheck reported issue in this script: SC2086:info:48:34: Double quote to prevent globbing and word splitting

(shellcheck)

243-243: shellcheck reported issue in this script: SC2129:style:1:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

243-243: shellcheck reported issue in this script: SC2086:info:1:53: Double quote to prevent globbing and word splitting

(shellcheck)

243-243: shellcheck reported issue in this script: SC2086:info:2:12: Double quote to prevent globbing and word splitting

(shellcheck)

243-243: shellcheck reported issue in this script: SC2086:info:3:52: Double quote to prevent globbing and word splitting

(shellcheck)

243-243: shellcheck reported issue in this script: SC2086:info:4:69: Double quote to prevent globbing and word splitting

(shellcheck)

251-251: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

267-267: shellcheck reported issue in this script: SC2001:style:16:21: See if you can use ${variable//search/replace} instead

(shellcheck)

267-267: shellcheck reported issue in this script: SC2086:info:104:59: Double quote to prevent globbing and word splitting

(shellcheck)

267-267: shellcheck reported issue in this script: SC2086:info:105:87: Double quote to prevent globbing and word splitting

(shellcheck)

267-267: shellcheck reported issue in this script: SC2086:info:106:12: Double quote to prevent globbing and word splitting

(shellcheck)

267-267: shellcheck reported issue in this script: SC2086:info:107:97: Double quote to prevent globbing and word splitting

(shellcheck)

🪛 Shellcheck (0.11.0)

rust/scripts/ci/generate-workspace-changelog.sh

[warning] 146-146: Declare and assign separately to avoid masking return values.

(SC2155)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (59)

GitHub Check: yarn-test
GitHub Check: infra-test
GitHub Check: Update Release PR
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-5)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (warp-check-4)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: cli-install-test-run
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: cli-radix-e2e-matrix (core-deploy)
GitHub Check: build-and-push-to-gcr
GitHub Check: lander-coverage
GitHub Check: lint-rs
GitHub Check: test-rs
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (cosmwasm)

🔇 Additional comments (6)

rust/main/hyperlane-metric/Cargo.toml (1)

18-18: Looks good—workspace dependency alignment.

This brings url in line with the rest of your dependencies, using the workspace-managed version instead of keeping it separate. Keeps things tidy in one place, yeah? Consistent with how the rest of the crate handles its deps.

rust/scripts/ci/update-workspace-version.sh (1)

1-41: LGTM! This script is straightforward and solid—validates its single argument, computes paths cleanly, and uses an awk state machine to find the [workspace.package] section and replace the version. The error handling is in place, and the temp file + move pattern is the right approach to avoid partial writes.

rust/scripts/ci/determine-next-version.sh (1)

1-105: Logic looks solid. Parses conventional commits reasonably—breaking changes bump major, features/refactors bump minor, fixes bump patch. The commit body check for "BREAKING CHANGE:" is nice for catching footer-style breaking declarations. One minor note: you're classifying "chore" as a minor bump, which is a design choice; some projects treat chores as patch-only, but this is a policy call that's clearly documented in your comments.

rust/scripts/ci/generate-workspace-changelog.sh (1)

1-251: Overall: Well-structured and thoughtful. The script handles workspace filtering, commit categorization, and both display and file-write modes nicely. The state machine for commit range defaults (lines 64-72) is clean, and the categorization logic—mapping changed files to workspace members—is the right approach. The prepend-and-preserve pattern for CHANGELOG.md updates (lines 203-211) is solid. One thought: you're using sort -u to deduplicate commit messages, which assumes messages are unique; that's reasonable for conventional commits, but if you ever have duplicates, they'll be silently squashed.

.github/workflows/rust-release.yml (2)

33-97: check-release-status job is well-reasoned. It cleanly separates change detection from version-changed detection, which lets the release-pr job always run on changes (to keep the PR fresh) while publish only fires if the version actually bumped. The script invocations are clean, and fallback logic for "first release" (no prior tag) is handled.

249-374: publish job: logic is sound, prerelease handling is thoughtful. The job correctly gates on main + either push with version bump or manual dispatch. The prerelease logic auto-generates preview.N when invoked manually without a suffix, which is nice UX. The commit range adjustment (lines 321–325) to exclude the version-bump commit for stable releases makes sense.

Two small observations:

Line 317: git describe --tags --abbrev=0 --match "agents-v*" 2>/dev/null || echo "" will find the most recent tag. If you have other tags, consider being more explicit (e.g., ensuring no non-agent tags sneak in), but for a focused agents release, this is fine.

Lines 337–350: Using GitHub's auto-generated release notes to extract new contributors is clever and saves manual effort. The regex to extract the section (line 345) assumes a standard format; if GitHub's format changes, this could break silently. Consider adding a comment or logging if the extraction fails (though it's gracefully optional).

Overall, the workflow orchestrates well and covers the main release scenarios.

Can you confirm that the custom runner label depot-ubuntu-latest on lines 35, 100, and 251 is intentional? Actionlint flags it as unknown, but it's likely a custom self-hosted runner label that's defined in your GitHub organization settings.

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/rust-release.yml (1)
7-7: Remove test branch before merging.

Line 7 includes pb/rust-release-cargo with a testing comment. There's already a past review note flagging this for removal before merge.

Remove the test branch from the triggers:
  push:
    branches:
      - main
-     - pb/rust-release-cargo # for testing
    paths:

🧹 Nitpick comments (4)

.github/workflows/rust-release.yml (4)
156-171: Cargo.lock updates are overly broad; consider workspace-scoped updates.

The job updates both rust/main/Cargo.lock and rust/sealevel/Cargo.lock unconditionally. If only rust/main agents changed, updating sealevel unnecessarily can create spurious diffs.

Consider only updating the workspace that changed, or document why both must always be updated together.

219-225: Consider error handling for gh CLI failures.

If gh pr list or gh pr create fails (network issues, auth problems), the workflow continues silently. The 2>/dev/null suppression hides real errors.

Consider logging failures and explicitly handling them, or at minimum validate $EXISTING_PR is non-empty before attempting edit.

Apply this safety check:
  # Check if PR already exists
  EXISTING_PR=$(gh pr list --head "$BRANCH_NAME" --json number --jq '.[0].number' 2>/dev/null || echo "")

  if [ -n "$EXISTING_PR" ]; then
    echo "Updating existing PR #$EXISTING_PR"
    gh pr edit "$EXISTING_PR" \
      --title "release: agents v${NEW_VERSION}" \
      --body "$PR_BODY"
+   if [ $? -ne 0 ]; then
+     echo "Error updating PR #$EXISTING_PR" >&2
+     exit 1
+   fi
286-292: Fragile preview counter extraction could fail on unexpected tag formats.

Line 290's sed pattern extracts the preview number from tags like agents-v1.2.3-preview.5. If tag format ever changes or there's an outlier, the pattern breaks silently.

Consider adding validation:
  PREVIEW_NUM=$(echo "$LAST_PREVIEW" | sed 's/.*preview\.$[0-9]*$/\1/')
+ if ! [[ "$PREVIEW_NUM" =~ ^[0-9]+$ ]]; then
+   echo "Error: Could not parse preview number from $LAST_PREVIEW" >&2
+   exit 1
+ fi
342-357: GitHub API error silenced; release notes incomplete if API fails.

The gh api call to generate release notes suppresses errors with 2>/dev/null. If this fails due to network or auth issues, the release will have no "New Contributors" section but the job continues.

For a user-facing release, consider:
  AUTO_NOTES=$(gh api --method POST "/repos/${{ github.repository }}/releases/generate-notes" \
    -f tag_name="$TAG_NAME" \
    -f target_commitish="$COMMIT_RANGE_END" \
    -f previous_tag_name="$PREV_TAG" \
+   --jq '.body' 2>&1 || echo "API_FAILED")
-   --jq '.body' 2>/dev/null || echo "")
+
+ if [ "$AUTO_NOTES" = "API_FAILED" ]; then
+   echo "Warning: Could not generate auto release notes, continuing without new contributors section" >&2
+ fi
This makes the failure visible in logs.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 957dfee and af5206e.

📒 Files selected for processing (1)

.github/workflows/rust-release.yml (1 hunks)

🧰 Additional context used

🧠 Learnings (10)

📓 Common learnings

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/relayer/**/src/**/*.rs : Maintain relayer agent Rust sources under rust/main/agents/relayer

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/validator/**/src/**/*.rs : Maintain validator agent Rust sources under rust/main/agents/validator

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/scraper/**/src/**/*.rs : Maintain scraper agent Rust sources under rust/main/agents/scraper

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}/**/src/**/*.rs : Keep chain support implementations within rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/config/** : Store all chain configuration files under rust/main/config so agents can auto-discover them

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:45:52.227Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/{hyperlane-core,hyperlane-base}/**/src/**/*.rs : Keep shared Rust core crates in rust/main/{hyperlane-core,hyperlane-base}

Applied to files:

.github/workflows/rust-release.yml

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

35-35: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

100-100: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

251-251: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (59)

GitHub Check: infra-test
GitHub Check: yarn-test
GitHub Check: Update Release PR
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-check-5)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-check-4)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: cli-install-test-run
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-radix-e2e-matrix (core-deploy)
GitHub Check: build-and-push-to-gcr
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: lint-rs
GitHub Check: lander-coverage
GitHub Check: test-rs

🔇 Additional comments (2)

.github/workflows/rust-release.yml (2)

35-35: Verify custom runner label.

The runner label depot-ubuntu-latest is flagged by actionlint as unknown. If this is a custom label for a self-hosted runner or internal Depot service, it's fine; otherwise, consider switching to ubuntu-latest.

Can you confirm depot-ubuntu-latest is configured in your GitHub Actions environment (either as a custom label in actionlint.yaml or as an internal runner)?

1-31: Well-structured release workflow with clear job orchestration.

The three-job pipeline (check → release-pr → publish) provides good separation of concerns. Outputs flow appropriately between jobs, and conditionals prevent unnecessary execution. Nice touch supporting both automated pushes and manual workflow_dispatch for prerelease testing.

paulbalaji · 2025-11-05T16:51:10Z

stable releases:

PR update logic works here: https://github.com/hyperlane-xyz/hyperlane-monorepo/actions/runs/19109411718/job/54602249541
generated PR here: release: agents v1.6.0 #7192

preview releases:

test draft publish works here: https://github.com/hyperlane-xyz/hyperlane-monorepo/actions/runs/19109435009
example preview release here: https://github.com/hyperlane-xyz/hyperlane-monorepo/releases/tag/agents-v1.5.0-test.1

… rust changes

coderabbitai

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/rust-release.yml (1)

164-170: Cargo lock updates use fallback logic that could cause inconsistency.

The workflow tries cargo update --offline first, then falls back to online mode. This defensive approach is thoughtful, but it means the lock files could differ depending on network conditions—if offline mode works one time and fails the next, you get different results.

This isn't broken, just worth knowing. If consistency is critical, consider being explicit about the mode you want, or at least logging which mode was used so you know what to expect.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between af5206e and 791b9d4.

📒 Files selected for processing (1)

.github/workflows/rust-release.yml (1 hunks)

🧰 Additional context used

🧠 Learnings (9)

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/relayer/**/src/**/*.rs : Maintain relayer agent Rust sources under rust/main/agents/relayer

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/validator/**/src/**/*.rs : Maintain validator agent Rust sources under rust/main/agents/validator

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/agents/scraper/**/src/**/*.rs : Maintain scraper agent Rust sources under rust/main/agents/scraper

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}/**/src/**/*.rs : Keep chain support implementations within rust/main/chains/{hyperlane-ethereum,hyperlane-cosmos,hyperlane-sealevel,hyperlane-fuel}

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/config/** : Store all chain configuration files under rust/main/config so agents can auto-discover them

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-08-26T13:45:52.227Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Applied to files:

.github/workflows/rust-release.yml

📚 Learning: 2025-09-02T18:44:06.598Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-02T18:44:06.598Z
Learning: Applies to rust/main/{hyperlane-core,hyperlane-base}/**/src/**/*.rs : Keep shared Rust core crates in rust/main/{hyperlane-core,hyperlane-base}

Applied to files:

.github/workflows/rust-release.yml

🪛 actionlint (1.7.8)

.github/workflows/rust-release.yml

34-34: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

99-99: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

250-250: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (59)

GitHub Check: infra-test
GitHub Check: yarn-test
GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
GitHub Check: cli-evm-e2e-matrix (warp-read)
GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
GitHub Check: cli-evm-e2e-matrix (warp-init)
GitHub Check: cli-evm-e2e-matrix (warp-send)
GitHub Check: cli-evm-e2e-matrix (warp-check-5)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-4)
GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
GitHub Check: cli-evm-e2e-matrix (warp-check-3)
GitHub Check: cli-evm-e2e-matrix (warp-check-1)
GitHub Check: cli-evm-e2e-matrix (warp-check-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
GitHub Check: cli-evm-e2e-matrix (core-init)
GitHub Check: cli-evm-e2e-matrix (relay)
GitHub Check: cli-evm-e2e-matrix (core-check)
GitHub Check: cli-evm-e2e-matrix (core-read)
GitHub Check: cli-evm-e2e-matrix (core-deploy)
GitHub Check: cli-evm-e2e-matrix (core-apply)
GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
GitHub Check: cli-cosmos-e2e-matrix (warp-read)
GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
GitHub Check: cli-cosmos-e2e-matrix (core-read)
GitHub Check: cli-cosmos-e2e-matrix (core-check)
GitHub Check: cli-cosmos-e2e-matrix (core-apply)
GitHub Check: env-test-matrix (testnet4, sepolia, core)
GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
GitHub Check: env-test-matrix (mainnet3, optimism, igp)
GitHub Check: env-test-matrix (mainnet3, inevm, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, core)
GitHub Check: env-test-matrix (mainnet3, inevm, igp)
GitHub Check: env-test-matrix (mainnet3, optimism, core)
GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
GitHub Check: coverage-run
GitHub Check: cosmos-sdk-e2e-run
GitHub Check: cli-radix-e2e-matrix (core-deploy)
GitHub Check: cli-install-test-run
GitHub Check: e2e-matrix (radix)
GitHub Check: e2e-matrix (sealevel)
GitHub Check: e2e-matrix (evm)
GitHub Check: e2e-matrix (starknet)
GitHub Check: e2e-matrix (cosmosnative)
GitHub Check: e2e-matrix (cosmwasm)
GitHub Check: lander-coverage
GitHub Check: test-rs
GitHub Check: lint-rs
GitHub Check: build-and-push-to-gcr

🔇 Additional comments (5)

.github/workflows/rust-release.yml (5)
1-30: Workflow structure looks solid, but there's a guardian standing in the way.

The permissions, concurrency controls, and job orchestration are well laid out. The trigger paths are sensible too—keeps things focused on the agents territory. Just need to address a few things lurking in the swamp below.

278-303: Version logic for prerelease is well defended.

The prerelease suffix handling is solid—auto-generates preview.N when no suffix is provided, checks for existing preview tags to increment correctly, and doesn't let you accidentally overwrite a version. Good attention to detail.

308-320: Tag and release conflict checks are thorough.

The workflow refuses to overwrite existing tags or releases (lines 309–312 and 316–319). That's the right move—no silent failures that would corrupt your release history. The error messages are clear too.

325-337: Commit range logic for changelog generation is thoughtful.

Using HEAD~1 for stable releases (line 330) to exclude the version bump commit itself, and HEAD for prereleases (line 328) where there's no automatic version bump, shows good understanding of the release flow. The changelog won't include its own release commit.

108-121: Fix error handling gaps: validate outputs and remove silent failure suppressors.

The scripts have solid foundations with set -euo pipefail, but there are three critical issues:

get-latest-agents-tag.sh masks errors with || true — If git tag fails for any reason (repo issues, network problems), the script returns empty silently instead of failing. The workflow should fail fast here, not quietly proceed with a missing tag.

Workflow lacks output validation — After extracting NEW_VERSION and BUMP_TYPE (lines 116–117), there's no check that these are non-empty or valid. If determine-next-version.sh outputs fewer than 2 lines or malformed data, the variables could be empty. They're then used directly in git commands, PR creation, and release tag creation without validation.

Workflow has no set -e in shell blocks — Without set -e at the top of each shell run block, individual script failures may not halt workflow progression.

Recommendations:
Remove || true from get-latest-agents-tag.sh (line with git tag command) so errors bubble up.
Add output validation in the workflow after line 117:
[ -n "$NEW_VERSION" ] || { echo "Error: Failed to determine new version" >&2; exit 1; }
[ -n "$BUMP_TYPE" ] || { echo "Error: Failed to determine bump type" >&2; exit 1; }
Add set -e at the start of each shell run block in the workflow to fail fast on any error.

.github/workflows/rust-release.yml

Signed-off-by: pbio <[email protected]>

github-project-automation bot added this to Hyperlane Tasks Oct 13, 2025

github-project-automation bot moved this to In Review in Hyperlane Tasks Oct 13, 2025

paulbalaji changed the title ~~feat: agents release workflow (alt cargo.toml way)~~ feat: agents release workflow Oct 13, 2025

paulbalaji force-pushed the pb/rust-release-cargo branch 10 times, most recently from 72c77a4 to 3b46cf3 Compare October 13, 2025 20:07

paulbalaji commented Oct 14, 2025

View reviewed changes

.github/workflows/rust-release.yml Outdated Show resolved Hide resolved

paulbalaji marked this pull request as ready for review October 14, 2025 11:59

paulbalaji requested review from ameten, kamiyaa and yjamin as code owners October 14, 2025 11:59

coderabbitai bot reviewed Oct 14, 2025

View reviewed changes

.github/workflows/rust-docker.yml Outdated Show resolved Hide resolved

coderabbitai bot reviewed Oct 14, 2025

View reviewed changes

.github/workflows/rust-docker.yml Show resolved Hide resolved

coderabbitai bot reviewed Oct 14, 2025

View reviewed changes

.github/workflows/rust-docker.yml Outdated Show resolved Hide resolved

.github/workflows/rust-docker.yml Outdated Show resolved Hide resolved

coderabbitai bot reviewed Oct 14, 2025

View reviewed changes

paulbalaji force-pushed the pb/rust-release-cargo branch from 4a50585 to 076c37e Compare October 14, 2025 16:19

coderabbitai bot reviewed Oct 14, 2025

View reviewed changes

paulbalaji force-pushed the pb/rust-release-cargo branch from 076c37e to 79ac150 Compare October 29, 2025 15:36

coderabbitai bot reviewed Oct 29, 2025

View reviewed changes

rust/scripts/generate-workspace-changelog.sh Outdated Show resolved Hide resolved

paulbalaji requested a review from xeno097 October 29, 2025 15:47

paulbalaji added 12 commits November 5, 2025 11:15

don't need short hash since messages already contain PR number

a38b110

manual runs are prerelease only

c561e84

improved semver tagging

431471c

coderabbit

009d725

save major.minor for stable releases only

af5e324

update actions versions

79d06b7

add pb/rust-release just for testing

2f010d4

refactor with helper scripts

d22fbe6

coderabbit

66e8695

move utils from rust/scripts --> rust/scripts/ci

2899175

coderabbit

0b433c2

beta --> preview, and check if tag/release already exists

957dfee

paulbalaji force-pushed the pb/rust-release-cargo branch from 322c54b to 957dfee Compare November 5, 2025 16:15

coderabbitai bot reviewed Nov 5, 2025

View reviewed changes

paulbalaji added 2 commits November 5, 2025 11:44

fix publish condition

af5206e

remove testing branch config

80665e5

coderabbitai bot reviewed Nov 5, 2025

View reviewed changes

remove "new contributors" because github api doesn't restrict to only…

791b9d4

… rust changes

coderabbitai bot reviewed Nov 5, 2025

View reviewed changes

.github/workflows/rust-release.yml Outdated Show resolved Hide resolved

coderabbit fix

844744d

Signed-off-by: pbio <[email protected]>

paulbalaji added this pull request to the merge queue Nov 5, 2025

Merged via the queue into main with commit 901cb5a Nov 5, 2025
86 checks passed

paulbalaji deleted the pb/rust-release-cargo branch November 5, 2025 17:36

github-project-automation bot moved this from In Review to Done in Hyperlane Tasks Nov 5, 2025

github-actions bot mentioned this pull request Nov 5, 2025

release: agents v1.6.0 #7329

Merged

yorhodes mentioned this pull request Nov 5, 2025

fix: improve cctp v2 offchain lookup service #7334

Open

github-actions bot mentioned this pull request Nov 6, 2025

release: agents v1.7.0 #7338

Draft

coderabbitai bot mentioned this pull request Nov 6, 2025

fix(ci): rust release nits #7339

Open

feat: agents release workflow #7194

feat: agents release workflow #7194

Uh oh!

Conversation

paulbalaji commented Oct 13, 2025 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Drive-by changes

Related issues

Backward compatibility

Testing

Summary by CodeRabbit

Uh oh!

changeset-bot bot commented Oct 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ No Changeset found

Uh oh!

codecov bot commented Oct 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

coderabbitai bot commented Oct 14, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Rate limit exceeded

Walkthrough

Changes

Sequence Diagram(s)

Estimated code review effort

Suggested reviewers

Poem

Pre-merge checks and finishing touches

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

paulbalaji commented Nov 5, 2025

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

paulbalaji commented Oct 13, 2025 •

edited by coderabbitai bot

Loading

changeset-bot bot commented Oct 13, 2025 •

edited

Loading

codecov bot commented Oct 13, 2025 •

edited

Loading

coderabbitai bot commented Oct 14, 2025 •

edited

Loading