Skip to content

ci: address cargo-audit for ruint#2335

Merged
jonathanpwang merged 4 commits into
mainfrom
ci/cargo-audit-ruint
Dec 29, 2025
Merged

ci: address cargo-audit for ruint#2335
jonathanpwang merged 4 commits into
mainfrom
ci/cargo-audit-ruint

Conversation

@jonathanpwang

Copy link
Copy Markdown
Contributor

Updated ruint from revm dependencies to 1.17.1
Updated aws-sdk-s3 to address cargo audit warnings.

The guest library ruint patch cannot be updated until a future release, so we add an ignore for now.

Comment thread .cargo/audit.toml

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses security vulnerabilities identified by cargo-audit for the ruint dependency and updates AWS SDK dependencies to address related audit warnings.

  • Updates host ruint dependencies from 1.16.0 to 1.17.2 to resolve RUSTSEC-2025-0137
  • Upgrades AWS SDK and related dependencies (aws-sdk-s3, aws-config, and associated smithy packages)
  • Adds cargo-audit ignore entry for guest library ruint patch that cannot be updated yet
  • Adjusts CI GPU machine type configuration to remove g5 instances from the family list

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

File Description
crates/cli/Cargo.toml Updates aws-sdk-s3 to 1.119.0 and aws-config to 1.8.12
Cargo.lock Reflects dependency updates including ruint 1.17.2 and AWS SDK dependency tree updates
.cargo/audit.toml Adds RUSTSEC-2025-0137 to ignore list for guest library ruint with explanatory comment
.github/workflows/extension-tests.cuda.yml Updates default GPU machine type to exclude g5 instances

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .cargo/audit.toml
Comment thread .github/workflows/extension-tests.cuda.yml
@github-actions

This comment has been minimized.

@github-actions

Copy link
Copy Markdown
group app.proof_time_ms app.cycles app.cells_used leaf.proof_time_ms leaf.cycles leaf.cells_used
verify_fibair (-8 [-3.5%]) 221 322,610 2,058,654 - - -
fibonacci (-39 [-3.7%]) 1,020 1,500,209 2,100,402 - - -
regex (-24 [-1.0%]) 2,308 4,137,502 17,695,216 - - -
ecrecover (-1 [-0.1%]) 747 122,859 2,262,772 - - -
pairing (-32 [-2.2%]) 1,442 1,745,742 25,408,302 - - -

Commit: d15d499

Benchmark Workflow

@jonathanpwang jonathanpwang merged commit eba5535 into main Dec 29, 2025
33 checks passed
@jonathanpwang jonathanpwang deleted the ci/cargo-audit-ruint branch December 29, 2025 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants