Revert accidental rand 0.9.3 -> 0.10.1 bump#978
Merged
Conversation
Commit 58e2cfe (dependabot: bump rustls-webpki 0.103.10 -> 0.103.12) also bumped the direct rand dependency from 0.9.3 to 0.10.1. rand 0.10 moved random_range / random_bool / seed_from_u64 into a separate RngExt trait that is not imported anywhere in the crate, so main fails to compile with ~160 errors. This change keeps the intended rustls-webpki bump and restores rand to 0.9.3, which the existing code is written against.
Contributor
There was a problem hiding this comment.
Pull request overview
Reverts an unintended direct dependency upgrade of rand to restore compatibility with the crate’s existing RNG API usage, while keeping the previously intended rustls-webpki bump intact.
Changes:
- Downgrade direct
randdependency from0.10.1back to0.9.3(allowing patch updates within0.9.x). - Regenerate
Cargo.lockto removerand 0.10.1and its transitive dependencies (e.g.,rand_core 0.10.1,chacha20 0.10.0).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| Cargo.toml | Restores rand to 0.9.3 to match existing code expectations. |
| Cargo.lock | Updates the resolved dependency graph to align with rand 0.9.x (while retaining rustls-webpki 0.103.12). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
⏱️ Benchmark run finished in 0m 51s 📈 Compared against baseline: 27s 🟢 Generation time is unchanged. 📅 Last benchmark: 2026-04-24 00:17:57 UTC You can retrigger the benchmark by commenting |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Commit 58e2cfe (dependabot: bump rustls-webpki 0.103.10 -> 0.103.12) also bumped the direct rand dependency from 0.9.3 to 0.10.1. rand 0.10 moved random_range / random_bool / seed_from_u64 into a separate RngExt trait that is not imported anywhere in the crate, so main fails to compile with ~160 errors.
This change keeps the intended rustls-webpki bump and restores rand to 0.9.3, which the existing code is written against.