Chore(deps): Bump eth-typing from 4.3.1 to 5.2.0#202
Chore(deps): Bump eth-typing from 4.3.1 to 5.2.0#202dependabot[bot] wants to merge 1 commit intomainaleph-im/aleph-sdk-python:mainfrom dependabot/pip/eth-typing-5.2.0aleph-im/aleph-sdk-python:dependabot/pip/eth-typing-5.2.0Copy head branch name to clipboard
Conversation
|
Failed to retrieve llama text: Invalid URL '/completion': No scheme supplied. Perhaps you meant https:///completion? |
Bumps [eth-typing](https://github.com/ethereum/eth-typing) from 4.3.1 to 5.2.0. - [Changelog](https://github.com/ethereum/eth-typing/blob/main/docs/release_notes.rst) - [Commits](ethereum/eth-typing@v4.3.1...v5.2.0) --- updated-dependencies: - dependency-name: eth-typing dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
3be82e8 to
cc276b8
Compare
foxpatch-aleph
left a comment
There was a problem hiding this comment.
This is a straightforward dependency bump of eth-typing from 4.3.1 to 5.2.0. Although this is a major version bump with breaking changes (notably replacing ABIFunctionInfo with ABIElementInfo and ABI component type changes in v5.0.0-beta.3/v5.0.1), the codebase only uses HexStr from eth_typing, which is unaffected by these changes. The update is safe. One minor pre-existing concern is that the dependency is pinned with == (exact version) rather than a compatible range like >=4.3.1,<6, which could create unnecessary friction for downstream consumers — but that's a pre-existing style issue, not introduced by this PR.
pyproject.toml (line 39): Pre-existing nit (not introduced by this PR): eth-typing==5.2.0 uses an exact pin. For a library, a range like >=5.2.0,<6 would be more flexible for downstream consumers without sacrificing compatibility guarantees. Worth addressing as a follow-up.
foxpatch-aleph
left a comment
There was a problem hiding this comment.
This is a straightforward major version bump of eth-typing from 4.3.1 to 5.2.0. The project's only usage of eth-typing is importing HexStr in src/aleph/sdk/wallets/ledger/ethereum.py, which is a stable primitive type unchanged across versions. The v5.x breaking changes (e.g., ABIFunctionInfo → ABIElementInfo, ABI type cleanup) are not used anywhere in the codebase. The change preserves the project's existing pattern of exact-version pinning for this dependency.
foxpatch-aleph
left a comment
There was a problem hiding this comment.
This is a straightforward major version bump of eth-typing from 4.3.1 to 5.2.0. The only usage in the codebase is from eth_typing import HexStr in src/aleph/sdk/wallets/ledger/ethereum.py, and HexStr is a stable primitive type unaffected by the breaking changes in 5.x (which focused on ABI types like ABIFunctionInfo → ABIElementInfo). The change is safe. One minor note about potential transitive compatibility with web3==6.3 is worth verifying, but not a blocker.
pyproject.toml (line 39): Worth verifying that web3==6.3 (also pinned in this file) is compatible with eth-typing==5.2.0. web3 6.3 was released before eth-typing 5.0 (Aug 2024), so it may declare a eth-typing<5 upper bound in its own dependencies. If so, this combination would fail to install. Running pip check or inspecting web3 6.3's declared dependency range for eth-typing would confirm compatibility.
Bumps eth-typing from 4.3.1 to 5.2.0.
Changelog
Sourced from eth-typing's changelog.
... (truncated)
Commits
33776fcBump version: 5.1.0 → 5.2.08e1ea48Compile release notes for v5.2.0755f617Add Prague fork name (#94)8fc6b0cBump version: 5.0.1 → 5.1.0061101fCompile release notes for v5.1.0b164e21Merge pull request #93 from pacrob/upgrade-templatee8247bbrefill template vars and add newsfragmentdc7e3dbmerge template4be68afPut python3.8 support back in:c6a24e4Update version update noteYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)