Skip to content

Build(deps): bump alloy from 2.0.4 to 2.0.5#18

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/alloy-2.0.5
Open

Build(deps): bump alloy from 2.0.4 to 2.0.5#18
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/alloy-2.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 21, 2026
edited
Loading

Bumps alloy from 2.0.4 to 2.0.5.

Release notes

Sourced from alloy's releases.

v2.0.5

What's Changed

New Contributors

Full Changelog: alloy-rs/alloy@v2.0.4...v2.0.5

Changelog

Sourced from alloy's changelog.

2.0.5 - 2026-05-18

Bug Fixes

  • [ci] Satisfy zepter secp256k1 propagation (#3993)
  • [network] Preserve transaction request extra fields
  • [consensus] Correct recovered transaction docs (#3984)
  • [signer-ledger] Reject invalid derivation paths (#3960)
  • [consensus-any] Saturate baseFeePerGas above u64::MAX on deser (#3741) (#3976)
  • [eips] Avoid panic in 7594 match_versioned_hashes (#3975)
  • [signer-trezor] Reject unsupported tx types (#3959)
  • [transport] Make retry queue count cancel-safe (#3956)
  • [signer-trezor] Dispatch EIP-1559 by tx type (#3958)
  • [rpc-types-trace] Default missing/null CallOutput.output to empty bytes (#3931)
  • [eip1559] Prevent divide-by-zero in next base fee calculation
  • [provider] Clean up failed impersonated sends (#3944)
  • Deduplicate AnyRpcTransaction conversion helpers (#3947)
  • [ci] Stabilize main red tests (#3942)

Dependencies

  • [deps] Bump github/codeql-action from 4.35.2 to 4.35.4 (#3990)
  • [deps] Bump taiki-e/install-action from 2.75.27 to 2.77.1
  • [deps] Bump crate-ci/typos from 1.45.0 to 1.46.0 (#3965)
  • [deps] Bump taiki-e/install-action from 2.75.20 to 2.75.27 (#3964)
  • [deps] Bump taiki-e/install-action from 2.75.15 to 2.75.20 (#3946)
  • [deps] Bump foundry-rs/foundry-toolchain from 1.7.0 to 1.8.0 (#3945)

Documentation

  • [rpc-types-eth] Correct sealed_header docs (#3995)
  • [node-bindings] Clarify Reth genesis behavior (#3994)
  • [eips] Document blob cell selection invariants (#3973)
  • [signer-tempo] Add changelog (#3962)

Features

  • [rpc-types-engine] Add payload attributes builders (#3985)
  • [rpc-types-beacon] Add builder validation request v6 (#3981)
  • [eips] Add EIP-7594 matching cell computation (#3974)
  • [rpc-types-engine] Add SSZ codecs for engine types (#3970)
  • [pubsub] Typed terminal-error channel (#3963)
  • [signer-tempo] Add Tempo wallet keystore reader (#3936)
  • [rpc-types-engine] Add sealed block execution data conversions (#3955)

Miscellaneous Tasks

  • Release 2.0.5
  • Release 2.0.5
  • Release 2.0.5

... (truncated)

Commits
  • 653989f chore: release 2.0.5
  • ee8c72f chore: release 2.0.5
  • a90ea92 chore: release 2.0.5
  • 51090d3 chore: release 2.0.5
  • 2d3a3fb docs(rpc-types-eth): correct sealed_header docs (#3995)
  • a019321 fix(ci): satisfy zepter secp256k1 propagation (#3993)
  • a51afc1 docs(node-bindings): clarify Reth genesis behavior (#3994)
  • 2aa6712 chore(deps): bump github/codeql-action from 4.35.2 to 4.35.4 (#3990)
  • f97b3cb fix(network): preserve transaction request extra fields
  • 51cb51d chore(deps): bump taiki-e/install-action from 2.75.27 to 2.77.1
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels May 21, 2026
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 21, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs		 hyperliquid-feedback 052164c May 26 2026, 02:17 AM

@kilo-code-bot
Copy link
Copy Markdown

kilo-code-bot Bot commented May 21, 2026
edited
Loading

Code Review Summary

Status: No Blocking Issues | Recommendation: Merge

Overview

Severity Count
CRITICAL 0
WARNING 0
SUGGESTION 1
Other Observations (not in diff)

Issues found in unchanged code that cannot receive inline comments:

File Line Issue
Cargo.toml 23 alloy-signer-local still specifies version = "2.0.4" while alloy was bumped to 2.0.5. Works fine due to Cargo semver caret resolution (>=2.0.4, <3.0.0 resolves to 2.0.5 in lockfile), but updating to "2.0.5" would be more consistent and explicit.
Notes
  • This is a standard Dependabot dependency bump (alloy 2.0.4 → 2.0.5) with no source code changes.
  • Only Cargo.toml (1 line) and Cargo.lock are affected.
  • The alloy 2.0.5 release includes beneficial bug fixes: divide-by-zero prevention in base fee calculation, cancel-safe retry queue, invalid derivation path rejection (Ledger), unsupported tx type rejection (Trezor), and baseFeePerGas saturation above u64::MAX.
  • Transitive dependency updates (alloy-core 1.5.7→1.6.0, alloy-primitives 1.5.7→1.6.0, new secp256k1 0.31.1, hashbrown 0.17.0) are all correctly resolved in the lockfile.
  • No breaking API changes detected that would affect the CLI's usage of alloy types.
  • Incremental review (commit 052164c3): No new changes since previous review. All findings carried forward.
Files Reviewed (2 files)
  • Cargo.toml - 0 issues in diff, 1 observation outside diff
  • Cargo.lock - 0 issues (generated lockfile)

Fix these issues in Kilo Cloud

Reviewed by glm-5.1 · 181,816 tokens

@dependabot
Build(deps): bump alloy from 2.0.4 to 2.0.5
052164c 
Bumps [alloy](https://github.com/alloy-rs/alloy) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/alloy-rs/alloy/releases)
- [Changelog](https://github.com/alloy-rs/alloy/blob/main/CHANGELOG.md)
- [Commits](alloy-rs/alloy@v2.0.4...v2.0.5)

---
updated-dependencies:
- dependency-name: alloy
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/alloy-2.0.5 branch from 54fce87 to 052164c Compare May 26, 2026 02:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants