Skip to content

build: bump melior from 0.26.4 to 0.26.7#280

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/melior-0.26.7
Closed

build: bump melior from 0.26.4 to 0.26.7#280
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/melior-0.26.7

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps melior from 0.26.4 to 0.26.7.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Mar 16, 2026
@socket-security
Copy link

socket-security bot commented Mar 16, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedmelior@​0.26.4 ⏵ 0.26.710010093100100

View full report

@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch 6 times, most recently from a5b875e to b1d7b36 Compare March 20, 2026 10:00
@nebasuke nebasuke requested a review from hedgar2017 March 20, 2026 10:49
@nebasuke
Copy link
Member

nebasuke commented Mar 20, 2026

@hedgar2017 This one is more for you to review as it seems high impact. Not sure if we should do this bump, as it seems quite high impact. (It's still blocked on cooldown at the moment regardless, so no rush.)

@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch 3 times, most recently from 0ed7438 to 2a37f8f Compare March 20, 2026 11:42
@nebasuke nebasuke mentioned this pull request Mar 20, 2026
Closed
@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch 3 times, most recently from b43947d to c2bed0d Compare March 20, 2026 17:22
@hedgar2017
Copy link
Contributor

hedgar2017 commented Mar 22, 2026
edited
Loading

@hedgar2017 This one is more for you to review as it seems high impact. Not sure if we should do this bump, as it seems quite high impact. (It's still blocked on cooldown at the moment regardless, so no rush.)

Thanks! We should be targeting the latest melior, as it is apparently missing a couple of minor features and I'll probably contribute there or fork it eventually.

MLIR crates are gated with a feature and not present in non-MLIR builds that we ship in releases.

@nebasuke what happens if I merge it now and override the cooldown?

@nebasuke
Copy link
Member

nebasuke commented Mar 22, 2026

I'd say we should not do normal exceptions for cooldown, unless it's a security risk and you've spent some time vetting the upgrade (which is not really the scope of this upgrade).

Regardless, might be worth waiting a bit as melior is having quite a few releases at the moment including even newer ones, see https://crates.io/crates/melior/versions.

@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch 2 times, most recently from 1062a67 to 75f4884 Compare March 22, 2026 21:13
@hedgar2017
Copy link
Contributor

hedgar2017 commented Mar 23, 2026

@nebasuke in fact, we have to switch to main (or some kind of dev or forked branch) of melior and slang-solidity, so the solx integration can move along with its MLIR and Slang counterparts. It's the same process we have had with inkwell and llvm-sys.rs crates.
If you have another process in mind, please elaborate. Otherwise I'll start vetting melior, and AFAIU you're doing this for slang-solidity now so it must be fine too.

@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch from 75f4884 to de1abfb Compare March 24, 2026 15:01
@dependabot
build: bump melior from 0.26.4 to 0.26.7
089d612 
Bumps [melior](https://github.com/mlir-rs/melior) from 0.26.4 to 0.26.7.
- [Commits](https://github.com/mlir-rs/melior/commits)

---
updated-dependencies:
- dependency-name: melior
  dependency-version: 0.26.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/melior-0.26.7 branch from de1abfb to 089d612 Compare March 24, 2026 19:53
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 25, 2026

Superseded by #306.

@dependabot dependabot bot closed this Mar 25, 2026
@dependabot dependabot bot deleted the dependabot/cargo/melior-0.26.7 branch March 25, 2026 03:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hedgar2017 hedgar2017 hedgar2017 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nebasuke @hedgar2017