Skip to content

chore(deps): update rust crate prost to 0.14 #114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 27 commits into
base: main
Choose a base branch
from
Open

chore(deps): update rust crate prost to 0.14 #114

wants to merge 27 commits into from

Conversation

@red-hat-konflux
Copy link

@red-hat-konflux red-hat-konflux bot commented Sep 17, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
prost workspace.dependencies minor 0.13 -> 0.14

Release Notes

tokio-rs/prost (prost)

v0.14.1

Compare Source

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

⚠️ Revert emission of rerun commands

Version 0.14.1 reverts the emission of rerun commands. Other than this change, it is identical to 0.14.0.

In version 0.14.0, prost-build began emitting rerun commands. While intended to improve build correctness, this change caused regressions for some users—for example, those generating protos from an includes directory. These edge cases are difficult to address reliably, so the change has been rolled back in 0.14.1.

For more details, see issue #​1296.

Breaking changes

  • prost: Relax Message Debug trait bound (#​1147)

    BREAKING CHANGE: trait Debug was a supertrait of trait Message. This is no longer required by prost. If your code relies on trait Debug being implemented for every impl Message, you must now explicitly state that you require both Debug and Message. For example: where M: Debug + Message

  • prost: Remove prost-derive feature (#​1247)

    BREAKING CHANGE: Feature flag prost-derive is renamed to derive. Please rename any usage of prost-derive feature in your Cargo.toml.

  • prost-build: Prevent repeated fields to be boxed (#​1237)

    BREAKING CHANGE: A repeated field that is manually marked as boxed was typed as Vec<Box<T>>. Those fields are now simply typed as Vec<T> to prevent double indirection. The boxed configuration is effectively ignored for repeated fields.

  • prost-build: Make type_name_domain cumulative (#​1228)

    BREAKING CHANGE: The configuration for domain names of messages is now cumulative. All calls to prost_build::Config::type_name_domain are now concatenated. The previous behavior was that only the arguments of the last call were used. If you do multiple calls to type_name_domain, you need to remove all but the last call to maintain the same behavior.

  • prost-build: Derive Eq and Hash trait for messages where possible (#​1175)

    BREAKING CHANGE: prost-build will automatically derive trait Eq and trait Hash for types where all field support those as well. If you manually impl Eq and/or impl Hash for generated types, then you need to remove the manual implementation. If you use type_attribute to derive(Eq) and/or derive(Hash), then you need to remove those.

Features

  • prost-types: Implement conversion Duration to/from chrono::TimeDelta (#​1236)
  • prost-build: Prepare for 2024 keyword gen (#​1257)

Dependencies

  • (deps) Update pulldown-cmark to 0.13 (#​1259)
  • (deps) update criterion requirement from 0.5 to 0.6 (#​1280)

Documentation

  • Update dead link LICENSE in prost-types/README.md (#​1262)

Styling

Testing

  • Run tests using edition 2024 (#​1254)
  • Run clippy with edition 2024 enabled (#​1256)

v0.14.0

Compare Source

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

Breaking changes

  • prost: Relax Message Debug trait bound (#​1147)

    BREAKING CHANGE: trait Debug was a supertrait of trait Message. This is no longer required by prost. If your code relies on trait Debug being implemented for every impl Message, you must now explicitly state that you require both Debug and Message. For example: where M: Debug + Message

  • prost: Remove prost-derive feature (#​1247)

    BREAKING CHANGE: Feature flag prost-derive is renamed to derive. Please rename any usage of prost-derive feature in your Cargo.toml.

  • prost-build: Emit rerun commands (#​1140)

    BREAKING CHANGE: Previously cargo assumed it had to rerun build.rs if any files in the project changed. prost-build will now emit rerun commands, which means only the explicitly marked files cause a rerun. If your build.rs is dependent on any other file paths than those given to prost-build, then your build.rs needs to emit rerun commands as well.

  • prost-build: Prevent repeated fields to be boxed (#​1237)

    BREAKING CHANGE: A repeated field that is manually marked as boxed was typed as Vec<Box<T>>. Those fields are now simply typed as Vec<T> to prevent double indirection. The boxed configuration is effectively ignored for repeated fields.

  • prost-build: Make type_name_domain cumulative (#​1228)

    BREAKING CHANGE: The configuration for domain names of messages is now cumulative. All calls to prost_build::Config::type_name_domain are now concatenated. The previous behavior was that only the arguments of the last call were used. If you do multiple calls to type_name_domain, you need to remove all but the last call to maintain the same behavior.

  • prost-build: Derive Eq and Hash trait for messages where possible (#​1175)

    BREAKING CHANGE: prost-build will automatically derive trait Eq and trait Hash for types where all field support those as well. If you manually impl Eq and/or impl Hash for generated types, then you need to remove the manual implementation. If you use type_attribute to derive(Eq) and/or derive(Hash), then you need to remove those.

Features

  • prost-types: Implement conversion Duration to/from chrono::TimeDelta (#​1236)
  • prost-build: Prepare for 2024 keyword gen (#​1257)

Dependencies

  • (deps) Update pulldown-cmark to 0.13 (#​1259)
  • (deps) update criterion requirement from 0.5 to 0.6 (#​1280)

Documentation

  • Update dead link LICENSE in prost-types/README.md (#​1262)

Styling

Testing

  • Run tests using edition 2024 (#​1254)
  • Run clippy with edition 2024 enabled (#​1256)

v0.13.5

Compare Source

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

Features

  • prost-types: Derive Arbitrary (#​1188)

Documentation

  • Use intra doc links instead of HTML tags (#​1219)

Dependencies

  • Update pulldown-cmark-to-cmark requirement from >=16, <=19 to >=16, <=20 (#​1206)
  • Update itertools requirement from >=0.10, <=0.13 to >=0.10, <=0.14 (#​1222)
  • Update petgraph requirement to include 0.7 (#​1226)
  • Update rand requirement from 0.8 to 0.9 (#​1233)
  • Bump clippy to 1.83 (#​1220)
  • Update flake.lock (#​1216)

Styling

Testing

  • default_enum_value: Move tests to separate module (#​1198)
  • nesting: Move tests to separate module (#​1218)
  • recursive_oneof: Move tests to separate module (#​1225)
  • boxed_field: Box an oneof field (#​1235)
  • groups: Move tests to separate module (#​1234)
  • default_string_escape: Move tests to separate module (#​1239)
  • Move DecodeError tests closer to the implementation (#​1227)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

lmilleri and others added 15 commits August 26, 2025 11:57
@lmilleri
Incorporated upstream v0.13.0 changes and re-applied downstream features
88b526b 
Git history will be rewritten to a fresh start
Next backport will be done as a rebase operation
(with "git push --force-with-lease" on the main downstream branch)

Note: Prometheus first PR has been cherry-picked

Signed-off-by: Leonardo Milleri <[email protected]>
@red-hat-konflux
chore(deps): update konflux references
0c1526e 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux
chore(deps): update konflux references
155535f 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux
chore(deps): update module golang.org/x/sys to v0.36.0
adb3648 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@DGonzalezVillal @lmilleri
Add support for new EPYC generations and update VIRTEE SEV dependency
c10d4de 
Updated the VIRTEE SEV crate dependency in the verifier to version 6.1.0.
This release adds support for newer versions of the AMD attestation report.
Starting with version 3 of the report, we can identify the EPYC processor generation used by the host, allowing us to select the correct certificate chain for attestation verification.

Additional TCB fields introduced with the Turin generation are now supported.
We’ve also added logic to request the VCEK from the KDS for all supported generations.

To prevent ambiguity during attestation, we have bumped the minimum supported attestation report version to 3. Reports from earlier versions lack the necessary information to determine the correct certificate chain.

We removed some of the previous custom verification logic and now use the built-in verification methods provided by the SEV crate. This allows us to offload maintenance of verification logic and simplifies future updates—just a dependency bump should suffice.

Lastly, we refactored the certificate chain logic. Previously, we carried two chains—one from stored certs and another from user-provided input. We’ve now simplified this to use a single chain: if the user provides certs via extended attestation, those are used; otherwise, the verifier defaults to the stored certificates. Vendored Certs are still being loaded using a static lazylock as a hashmap when SNP is initialized, that way the verifier can grab the appropriate cert chain when needed for attestation without the need of additional memory copies. Can just reference it whenever it's needed.

Signed-off-by: DGonzalezVillal <[email protected]>
@DGonzalezVillal @lmilleri
Patch az_snp_vtpm to work with the SNP update.
52c0537 
Since the az_snp_vtpm verifier depends on both the az_snp_vtpm crate and the VIRTEE SEV crate, bumping the VIRTEE SEV version introduces a mismatch between the attestation report types generated by the Azure crate and the SEV crate. This commit updates the az_snp_vtpm verifier to rely solely on the report and certificates provided by the Azure SNP crate to avoid this mismatch.

Note: This change restores compatibility between az_snp_vtpm and the updated SEV crate, but does not add support for newer processor generations. To support those, the az_snp_vtpm crate will need to be updated to handle the newer attestation reports and integrate with the latest VIRTEE SEV release.

Signed-off-by: DGonzalezVillal <[email protected]>
@DGonzalezVillal @lmilleri
Bumping Dependencies for Guest-Components
c61bc6c 
Bumping the guest components dependency to support the latest snp
attestation. Also fixed async dependency issue between latest guest
components and Trustee.

Fixed attestation-service evidence.json for Generate Evidence
Dynamically=False test.

Added a rust test for that json evidence to confirm it's working without
having to launch e2e testing.

Also updated the test VLEK report and the test VLEK certificate to a supported
version.

Signed-off-by: DGonzalezVillal <[email protected]>
@yafu-1 @lmilleri
fix(verifier): Update az-vtpm crates and fix report verification
2c67803 
Update `az-snp-vtpm` and `az-tdx-vtpm` from `0.7.1` to `0.7.4` and fix
attestation report verification.

The key changes include:
- Replaced the signature verification logic that used `offset_of` and `bincode::serialize`
  with the new `report.write_bytes()` method provided by sev 6.2.1.
- Fixed report.chip_id usage by dereferencing array

Signed-off-by: Yan Fu <[email protected]>
@yafu-1 @mkulke @lmilleri
Update deps/verifier/src/az_snp_vtpm/mod.rs
a5e6661 
Co-authored-by: Magnus Kulke <[email protected]>
Signed-off-by: Yan Fu <[email protected]>
@red-hat-konflux
chore(deps): update konflux references
9ad245e 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@lmilleri
Fix amd genoa attestation
4b6e735 
Bumped sev version to 6.2.1.
guest-components uses crate https://github.com/virtee/sev for interacting with the snp HW.
guest-components v0.12.0 and v0.13.0 use sev version = "4.0.0"
guest-components v0.14.0 uses sev version = "6.2.1"
sev 6.2.1 introduces a fix for attestation report version >=3

Signed-off-by: Leonardo Milleri <[email protected]>
@lmilleri
Merge pull request #108 from lmilleri/amd-processors-certs
cde8eb9 
Backport SNP upstream PRs and fix attestation genoa cpu
@lmilleri
update dependency go to v1.25.0
88a8bda 
Signed-off-by: Leonardo Milleri <[email protected]>
@lmilleri
Merge pull request #102 from openshift/konflux/mintmaker/main/go-1.x
fcb088d 
chore(deps): update dependency go to v1.25.0
@lmilleri
Merge pull request #107 from openshift/konflux/mintmaker/main/golang.…
9a91a9d 
…org-x-sys-0.x

chore(deps): update module golang.org/x/sys to v0.36.0
@lmilleri
Copy link

lmilleri commented Sep 18, 2025

/retest

red-hat-konflux bot and others added 12 commits September 18, 2025 08:36
@red-hat-konflux @lmilleri
chore(deps): update rust crate serde_qs to 0.15.0
abccdd3 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@lmilleri
Merge pull request #117 from openshift/konflux/mintmaker/main/serde_q…
73815ff 
…s-0.x

chore(deps): update rust crate serde_qs to 0.15.0
@red-hat-konflux @lmilleri
chore(deps): update rust crate rstest to 0.26.0
f577ac8 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@lmilleri
Merge pull request #116 from openshift/konflux/mintmaker/main/rstest-0.x
a85b878 
chore(deps): update rust crate rstest to 0.26.0
@lmilleri
Merge pull request #109 from openshift/konflux/references/main
d1ad634 
chore(deps): update konflux references
@lmilleri
Update regorus version
abd4f16 
Restored a Pr from mintmaker

Signed-off-by: Leonardo Milleri <[email protected]>
@lmilleri
Merge pull request #118 from openshift/konflux/mintmaker/main/regorus…
13fde96 
…-0.x

Update regorus version
@red-hat-konflux @lmilleri
chore(deps): update rust crate env_logger to 0.11.0
9c9610a 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@lmilleri
Merge pull request #112 from openshift/konflux/mintmaker/main/env_log…
a2991c8 
…ger-0.x

chore(deps): update rust crate env_logger to 0.11.0
@red-hat-konflux @lmilleri
chore(deps): update rust crate config to 0.15.0
19596c6 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@lmilleri
Merge pull request #111 from openshift/konflux/mintmaker/main/config-0.x
5518195 
chore(deps): update rust crate config to 0.15.0
@red-hat-konflux
chore(deps): update rust crate prost to 0.14
6f5e127 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/tokio-prost-monorepo branch from f77c015 to 6f5e127 Compare September 18, 2025 12:23
@red-hat-konflux
Copy link
Author

red-hat-konflux bot commented Oct 16, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Oct 16, 2025
@openshift-merge-robot
Copy link

openshift-merge-robot commented Oct 16, 2025

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lmilleri @openshift-merge-robot @DGonzalezVillal @yafu-1