Skip to content

chore(release): prepare v0.4.1#267

Merged
EffortlessSteven merged 4 commits into
mainfrom
prep/0.4.1
Mar 19, 2026
Merged

chore(release): prepare v0.4.1#267
EffortlessSteven merged 4 commits into
mainfrom
prep/0.4.1

Conversation

@EffortlessSteven

Copy link
Copy Markdown
Member

Summary

  • bump the release line to 0.4.1 across workspace manifests, lockfile, and versioned dependency snippets
  • add a publish-preflight doc-version check in xtask so stale uselesskey* README examples fail before publish
  • refresh the changelog, roadmap, and release/publishing docs for the 0.4.1 cut

Verification

  • cargo test -p xtask
  • cargo xtask gate --check
  • cargo xtask publish-preflight
  • cargo xtask publish-check

@coderabbitai

coderabbitai Bot commented Mar 17, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 7 minutes and 17 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 31e20cf4-bfed-490b-b376-f40da104daa3

📥 Commits

Reviewing files that changed from the base of the PR and between 3d03520 and 43510f0.

📒 Files selected for processing (1)
  • xtask/src/main.rs

Walkthrough

Version bump from 0.4.0 to 0.4.1 across the entire workspace, including all crate manifests, documentation examples, CHANGELOG, and build infrastructure. Adds preflight validation to verify consistency of version numbers in documentation snippets against workspace versions.

Changes

Cohort / File(s) Summary
Workspace & Changelog
CHANGELOG.md, Cargo.toml, README.md
Added [0.4.1] release entry with Added/Changed/Fixed subsections; bumped workspace version and all dependency pins to 0.4.1; updated README example snippets.
Core Crates (Manifests)
crates/uselesskey-core*/Cargo.toml, crates/uselesskey-core/Cargo.toml
Version bumps from 0.4.0 to 0.4.1 for base62, cache, factory, hash, hmac-spec, id, jwk-builder, jwk-shape, jwk, jwks-order, keypair-material, keypair, kid, negative, negative-der, negative-pem, rustls-pki, seed, sink, token-shape, token, x509-derive, x509-negative, x509-spec, x509, and core facade crates; includes internal dependency version pins.
Algorithm & Adapter Crates (Manifests)
crates/uselesskey-{rsa,ecdsa,ed25519,hmac,ring,rustcrypto}/Cargo.toml
Version bumps to 0.4.1 with corresponding dependency updates to core and jwk crates.
Integration & Utility Crates (Manifests)
crates/uselesskey-{aws-lc-rs,bdd-steps,feature-grid,jsonwebtoken,jwk,pgp,rustls,test-grid,token,tonic,x509,jsonwebtoken,uselesskey}/Cargo.toml
Version bumps to 0.4.1; updates all internal and dev-dependency pins; includes workspace facade crate.
Documentation & Examples
crates/uselesskey*/README.md, README.md
Updated dev-dependency version snippets from 0.4.0 to 0.4.1 in code examples across AWS-LC-RS, jsonwebtoken, ring, rustcrypto, rustls, tonic, and root README.
Publishing & Release Documentation
docs/how-to/publishing.md, docs/how-to/release.md, docs/explanation/roadmap.md
Updated roadmap header and status (v0.4.0 shipped, v0.4.1 in progress); added publish-preflight validation for versioned dependency snippets; expanded dry-run and release workflow descriptions with new preflight and publish-check commands.
Test Configuration
tests/Cargo.toml
Version bumps to 0.4.1 for core, key types, JWK/JWKS, adapters, and facade crate dependencies.
Build Tooling (New Validation)
xtask/src/main.rs
Introduced preflight:doc-versions check in publish-preflight; added check_doc_dependency_versions, workspace_publish_versions, versioned_dependency_snippet_files, and collect_dependency_version_snippet_errors functions to validate documentation snippet versions against workspace crate versions using regex parsing and error reporting; integrated into publish flow with conditional skips.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

  • chore: publish-prep for v0.2.0 #229: Modifies xtask publish/preflight logic with related changes to version handling and publish workflow; shares code-level changes in xtask/src/main.rs and publish infrastructure.

Poem

🐰 Version hops from point-four-oh to point-four-one,
Snippets now sync'd in docs—validation, all done!
Each crate marches forward, dependencies aligned,
Preflight checks whisper, "All versions refined!"
Release polish glistens, ready to ship! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 38.46% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title 'chore(release): prepare v0.4.1' directly and clearly describes the main purpose of the changeset: preparing the repository for the 0.4.1 release by bumping versions across manifests and documentation.
Description check ✅ Passed The description is well-related to the changeset, providing a clear summary of the three main activities: version bumping, adding doc-version checks, and refreshing documentation, with verification steps.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch prep/0.4.1
📝 Coding Plan
  • Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@gemini-code-assist

Copy link
Copy Markdown

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request prepares the repository for the v0.4.1 release. It primarily focuses on updating all package versions to 0.4.1 and enhancing the release process by adding a new xtask command to validate version consistency in documentation. This ensures that all examples and references in the project's documentation accurately reflect the current release, improving overall release hygiene and preventing stale information.

Highlights

  • Version Bump: Bumped the release line to 0.4.1 across all workspace manifests, the Cargo.lock file, and versioned dependency snippets in documentation.
  • New Pre-Publish Check: Introduced a publish-preflight doc-version check in xtask to ensure that uselesskey* README examples and other release-facing documentation snippets are up-to-date before publishing.
  • Documentation Updates: Refreshed the changelog, roadmap, and release/publishing documentation to reflect the 0.4.1 release and the updated publish flow.
Changelog
  • CHANGELOG.md
    • Added: Consistent label() / spec() accessors across various fixture types.
    • Added: cargo xtask publish-preflight now validates versioned uselesskey* dependency snippets in release-facing docs.
    • Changed: Workspace manifests and versioned dependency snippets now target 0.4.1.
    • Changed: Release and roadmap docs now reflect the shipped RNG-boundary work and the current publish flow.
    • Fixed: rustfmt.toml explicitly matches the workspace's Rust 2024 edition.
    • Fixed: uselesskey-interop-tests explicitly forbids unsafe code.
    • Fixed: Accessor mutation coverage is hardened, including Ed25519-spec equivalent-mutant exclusion and a fast HMAC kid() regression killer.
Activity
  • Verified changes by running cargo test -p xtask.
  • Verified changes by running cargo xtask gate --check.
  • Verified changes by running cargo xtask publish-preflight.
  • Verified changes by running cargo xtask publish-check.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request prepares for the v0.4.1 release by bumping version numbers across the workspace, updating the changelog and documentation, and introducing a new publish-preflight check. The new check in xtask validates that versioned dependency snippets in documentation are up-to-date, which is a great addition for release hygiene. My review includes one suggestion to make this new check more robust and maintainable by recursively searching for relevant files instead of using a hardcoded list.

Comment thread xtask/src/main.rs
Comment on lines +987 to +1005
fn versioned_dependency_snippet_files() -> Result<Vec<PathBuf>> {
let mut files = vec![
PathBuf::from("README.md"),
PathBuf::from("crates/uselesskey/src/lib.rs"),
];

for entry in
fs::read_dir("crates").context("failed to read crates dir for doc version checks")?
{
let entry = entry.context("failed to read crates dir entry for doc version checks")?;
let readme = entry.path().join("README.md");
if readme.is_file() {
files.push(readme);
}
}

files.sort();
Ok(files)
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The current implementation for finding files with version snippets is a bit brittle as it hardcodes crates/uselesskey/src/lib.rs and only looks for README.md files in the top-level of each crate directory. This could miss version snippets in other documentation files or library source files in the future.

A more robust approach would be to recursively search for all .md and .rs files in the workspace, which would make this check more maintainable. This can be done with a recursive inner function to avoid adding new dependencies.

fn versioned_dependency_snippet_files() -> Result<Vec<PathBuf>> {
    fn walk(dir: &Path, files: &mut Vec<PathBuf>) -> Result<()> {
        let name = dir.file_name().and_then(|s| s.to_str()).unwrap_or("");
        if matches!(name, ".git" | "target" | ".cargo") {
            return Ok(());
        }

        for entry in fs::read_dir(dir).with_context(|| format!("read_dir failed for {dir:?}"))? {
            let entry = entry.context("failed to read dir entry")?;
            let path = entry.path();
            if path.is_dir() {
                walk(&path, files)?;
            } else if path.is_file() {
                if let Some(ext) = path.extension().and_then(|s| s.to_str()) {
                    if ext == "md" || ext == "rs" {
                        files.push(path);
                    }
                }
            }
        }
        Ok(())
    }

    let mut files = Vec::new();
    walk(Path::new("."), &mut files)?;
    files.sort();
    Ok(files)
}

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
xtask/src/main.rs (1)

1308-1313: ⚠️ Potential issue | 🟡 Minor

Record preflight:doc-versions in the docs-only fast path too.

This branch skips the new step when there are no Cargo changes, but the earlier plan.docs_only early return still never records it. After adding preflight:doc-versions, docs-only xtask pr receipts will now have a different preflight step set than every other path.

Suggested fix
     if plan.docs_only {
         let reason = Some("docs-only".to_string());
         runner.skip("fmt", reason.clone());
         runner.skip("clippy", reason.clone());
         runner.skip("tests", reason.clone());
@@
         runner.skip("coverage", reason.clone());
         runner.skip("coverage:report", reason.clone());
         runner.skip("root-tests", reason.clone());
         runner.skip("xtask-tests", reason.clone());
         runner.skip("preflight:metadata", reason.clone());
+        runner.skip("preflight:doc-versions", reason.clone());
         for name in PUBLISH_CRATES {
             runner.skip(&format!("preflight:package:{name}"), reason.clone());
         }
         return Ok(());
     }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@xtask/src/main.rs` around lines 1308 - 1313, The docs-only early-return path
(check of plan.docs_only) never records the "preflight:doc-versions" step; add
the same recording used in the no-Cargo-changes path so receipts are consistent.
Modify the docs-only branch to call runner.skip("preflight:doc-versions",
Some("docs-only".into())) (or the same message used elsewhere, e.g. "no cargo
changes") alongside the other preflight skips, ensuring the symbol
plan.docs_only and method runner.skip are used so the "preflight:doc-versions"
step is recorded for the docs-only fast path.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@xtask/src/main.rs`:
- Around line 987-1005: versioned_dependency_snippet_files() currently uses
cwd-relative paths which breaks when the process is started from a subdirectory;
change it to resolve everything from the repo workspace root via the existing
workspace_path() helper: replace PathBuf::from("README.md") and
PathBuf::from("crates/uselesskey/src/lib.rs") with
workspace_path().join("README.md") and
workspace_path().join("crates/uselesskey/src/lib.rs"), call
fs::read_dir(workspace_path().join("crates")) instead of fs::read_dir("crates"),
and when building per-crate readme paths use entry.path().join("README.md") or
workspace_path().join(...) as appropriate before checking is_file() and pushing
to files so all lookups are workspace-root relative.

---

Outside diff comments:
In `@xtask/src/main.rs`:
- Around line 1308-1313: The docs-only early-return path (check of
plan.docs_only) never records the "preflight:doc-versions" step; add the same
recording used in the no-Cargo-changes path so receipts are consistent. Modify
the docs-only branch to call runner.skip("preflight:doc-versions",
Some("docs-only".into())) (or the same message used elsewhere, e.g. "no cargo
changes") alongside the other preflight skips, ensuring the symbol
plan.docs_only and method runner.skip are used so the "preflight:doc-versions"
step is recorded for the docs-only fast path.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e253ee62-fc4b-4e31-95ce-a66daa0c77f4

📥 Commits

Reviewing files that changed from the base of the PR and between 660cf42 and 3d03520.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (62)
  • CHANGELOG.md
  • Cargo.toml
  • README.md
  • crates/uselesskey-aws-lc-rs/Cargo.toml
  • crates/uselesskey-aws-lc-rs/README.md
  • crates/uselesskey-bdd-steps/Cargo.toml
  • crates/uselesskey-core-base62/Cargo.toml
  • crates/uselesskey-core-cache/Cargo.toml
  • crates/uselesskey-core-factory/Cargo.toml
  • crates/uselesskey-core-hash/Cargo.toml
  • crates/uselesskey-core-hmac-spec/Cargo.toml
  • crates/uselesskey-core-id/Cargo.toml
  • crates/uselesskey-core-jwk-builder/Cargo.toml
  • crates/uselesskey-core-jwk-shape/Cargo.toml
  • crates/uselesskey-core-jwk/Cargo.toml
  • crates/uselesskey-core-jwks-order/Cargo.toml
  • crates/uselesskey-core-keypair-material/Cargo.toml
  • crates/uselesskey-core-keypair/Cargo.toml
  • crates/uselesskey-core-kid/Cargo.toml
  • crates/uselesskey-core-negative-der/Cargo.toml
  • crates/uselesskey-core-negative-pem/Cargo.toml
  • crates/uselesskey-core-negative/Cargo.toml
  • crates/uselesskey-core-rustls-pki/Cargo.toml
  • crates/uselesskey-core-seed/Cargo.toml
  • crates/uselesskey-core-sink/Cargo.toml
  • crates/uselesskey-core-token-shape/Cargo.toml
  • crates/uselesskey-core-token/Cargo.toml
  • crates/uselesskey-core-x509-chain-negative/Cargo.toml
  • crates/uselesskey-core-x509-derive/Cargo.toml
  • crates/uselesskey-core-x509-negative/Cargo.toml
  • crates/uselesskey-core-x509-spec/Cargo.toml
  • crates/uselesskey-core-x509/Cargo.toml
  • crates/uselesskey-core/Cargo.toml
  • crates/uselesskey-ecdsa/Cargo.toml
  • crates/uselesskey-ed25519/Cargo.toml
  • crates/uselesskey-feature-grid/Cargo.toml
  • crates/uselesskey-hmac/Cargo.toml
  • crates/uselesskey-jsonwebtoken/Cargo.toml
  • crates/uselesskey-jsonwebtoken/README.md
  • crates/uselesskey-jwk/Cargo.toml
  • crates/uselesskey-pgp/Cargo.toml
  • crates/uselesskey-ring/Cargo.toml
  • crates/uselesskey-ring/README.md
  • crates/uselesskey-rsa/Cargo.toml
  • crates/uselesskey-rustcrypto/Cargo.toml
  • crates/uselesskey-rustcrypto/README.md
  • crates/uselesskey-rustls/Cargo.toml
  • crates/uselesskey-rustls/README.md
  • crates/uselesskey-test-grid/Cargo.toml
  • crates/uselesskey-token-spec/Cargo.toml
  • crates/uselesskey-token/Cargo.toml
  • crates/uselesskey-tonic/Cargo.toml
  • crates/uselesskey-tonic/README.md
  • crates/uselesskey-x509/Cargo.toml
  • crates/uselesskey/Cargo.toml
  • crates/uselesskey/README.md
  • crates/uselesskey/src/lib.rs
  • docs/explanation/roadmap.md
  • docs/how-to/publishing.md
  • docs/how-to/release.md
  • tests/Cargo.toml
  • xtask/src/main.rs

Comment thread xtask/src/main.rs
@EffortlessSteven EffortlessSteven merged commit a398bec into main Mar 19, 2026
4 checks passed
@EffortlessSteven EffortlessSteven deleted the prep/0.4.1 branch April 3, 2026 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant