Skip to content

Bump keccak from 0.1.5 to 0.1.6 in /arbitrator/wasm-libraries#11

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/arbitrator/wasm-libraries/keccak-0.1.6
Open

Bump keccak from 0.1.5 to 0.1.6 in /arbitrator/wasm-libraries#11
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/arbitrator/wasm-libraries/keccak-0.1.6

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026

Bumps keccak from 0.1.5 to 0.1.6.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump keccak from 0.1.5 to 0.1.6 in /arbitrator/wasm-libraries
b306016 
Bumps [keccak](https://github.com/RustCrypto/sponges) from 0.1.5 to 0.1.6.
- [Commits](RustCrypto/sponges@keccak-v0.1.5...keccak-v0.1.6)

---
updated-dependencies:
- dependency-name: keccak
  dependency-version: 0.1.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 8, 2026
renlulu
renlulu suggested changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown

@renlulu renlulu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Codex batch review found one blocking compatibility issue on this head.

Finding 1

[P1] The wasm-libraries lockfile was regenerated as Cargo lockfile version 4, but the repo still declares older Rust/Cargo floors. The root arbitrator workspace declares rust-version = "1.67", and the required Wasmer submodule declares 1.73. Both cargo +1.67.1 metadata --locked and cargo +1.73.0 metadata --locked fail before dependency resolution with lock file version '4' was found, but this version of Cargo does not understand this lock file. Please regenerate the keccak bump preserving lockfile version 3, or explicitly raise the supported Rust/Cargo floor.

The keccak crate change itself looks low risk; the blocker is the lockfile format change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@renlulu renlulu renlulu requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@renlulu