chore: Upgrading alloy and alloy-dyn-abi

[NicoMolinaOZ]

Summary

• Upgrading alloy and alloy-dyn-abi

Testing Process

Checklist

• Add a reference to related issues in the PR description.
• Add unit tests if applicable.
• Add integration tests if applicable.
• Add property-based tests if applicable.
• Update documentation if applicable.

Summary by CodeRabbit

• Chores
  • Updated core dependencies to their latest stable versions.

[coderabbitai]

Walkthrough

The pull request updates the alloy dependency from version 1.0.36 to 1.0.41 and adds alloy-dyn-abi version 1.4.1 as a new dependency to address a GHSA vulnerability. No code logic changes or behavioral modifications are introduced.

Changes

Cohort / File(s)	Summary
Dependency Updates Cargo.toml	Bumped alloy from 1.0.36 to 1.0.41; added alloy-dyn-abi = "1.4.1" with comment noting GHSA vulnerability fix

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A little bump, a version rise,
Dependencies tuned to be more wise,
Alloy and its kin, now patched with care,
Security matters, we're aware! 🛡️✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description follows the template structure with all required sections present (Summary, Testing Process, and Checklist); however, the Testing Process section is completely blank with no information provided about how the changes were tested. Additionally, the Summary is minimal and lacks important context about why these upgrades are necessary, such as the GHSA vulnerability mentioned in the raw summary. While the checklist items are present, the description is largely incomplete for required sections that should contain substantive information.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The pull request title "chore: Upgrading alloy and alloy-dyn-abi" is clear, concise, and directly summarizes the main change in the changeset. It uses the appropriate "chore" prefix for a dependency upgrade, mentions both libraries being upgraded, and avoids vague terminology. The title accurately reflects the content of the changes shown in the raw summary.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch upgrade-alloy-dyn-abi

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a61701e and 0700d3e.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• Cargo.toml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: test
• GitHub Check: Analyze (rust)

🔇 Additional comments (2)

Cargo.toml (2)

21-22: Verify the security vulnerability is addressed by these specific versions.

The comment references GHSA-pgp9-98jm-wwq2, but I cannot verify this GHSA identifier or confirm that alloy 1.0.41 and alloy-dyn-abi 1.4.1 address it through public sources. Additionally, the PR description lacks a reference to the related issue or advisory, making it difficult to validate the fix.

Please:

1. Confirm the GHSA identifier and link to the advisory (or create/reference an issue).
2. Verify that upgrading to alloy 1.0.41 and adding alloy-dyn-abi 1.4.1 resolves the vulnerability.
3. Update the PR description to reference the issue/advisory per the unchecked PR checklist item.

---

21-22: Confirm MSRV compatibility for upgraded and new dependencies.

Ensure that alloy 1.0.41 and alloy-dyn-abi 1.4.1 are compatible with the project's MSRV of Rust 1.86. If either dependency increases the MSRV, update line 5 accordingly.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.5%. Comparing base (a61701e) to head (0700d3e).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@          Coverage Diff          @@
##            main    #383   +/-   ##
=====================================
  Coverage   96.5%   96.5%           
=====================================
  Files         76      76           
  Lines      27116   27116           
=====================================
  Hits       26177   26177           
  Misses       939     939           

Flag	Coverage Δ
integration	60.9% <ø> (ø)
properties	29.6% <ø> (+<0.1%)	⬆️
unittests	87.0% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.