Plan: Define maturin and PyO3 validation contracts#16
Draft
leynos wants to merge 3 commits into
Draft
Conversation
Document the validation contract for generated Rust-extension projects, including maturin pin synchronisation, wheel snapshots, CI release routing, and PyO3 bridge escalation paths.
Incorporate expert review feedback by defining version canonicalisation, skip semantics, focused wheel assertions, and generated Rust-extension runbook requirements. Clarify CI cost and release-routing expectations, and make the negative broad-range maturin case an explicit template regression guard.
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Plus Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
Point the generated Rust cache step at `rust_extension` so `rust-cache` runs `cargo metadata` where the rendered `Cargo.toml` exists. Bump the starter PyO3 dependency to `0.29.0` so generated Rust projects pass `cargo audit` after the current RustSec advisories against `0.28.3`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This branch adds a design document for maturin and PyO3 validation because Rust-extension template renders need an explicit packaging contract before implementation work changes generated tests, CI, and release workflows. The design is captured in docs/maturin-pyo3-validation-design.md and is based on the observed approaches in Prosidy Darn, Cuprum, TEI Rapporteur, Stilyagi, and femtologging, plus upstream maturin, PyO3, and wheel-specification guidance.
It also repairs the generated Rust act-validation path that surfaced on this pull request: template/.github/workflows/ci.yml.jinja now points
rust-cacheatrust_extension, template/{% if use_rust %}rust_extension{% endif %}/Cargo.toml.jinja now uses PyO30.29.0, and tests/helpers/ci_contracts.py asserts the cache workspace contract.There is no linked issue, roadmap task, or execplan for this branch. This is primarily a design branch that authorizes the next implementation pass, with a narrow generated-CI repair needed to keep the branch green.
Review walkthrough
Validation
make check-fmt: passedmake lint: passedmake typecheck: passedmake test: passed,32 passed, 2 skipped,3 snapshots passedmake test WITH_ACT=1: passed,32 passed, 2 xfailed,3 snapshots passedgit diff --check: passedNotes
The design deliberately keeps pure-Python renders free of maturin, PyO3, Cargo, and wheel-action dependencies. It also treats femtologging as a negative case by requiring future template tests to reject broad maturin ranges and bare
maturin developvalidation as sufficient upgrade coverage.The act-specific fix addresses two generated Rust workflow failures observed while validating this pull request:
rust-cacherunningcargo metadatafrom a directory withoutCargo.toml, andcargo auditrejecting PyO30.28.3forRUSTSEC-2026-0176andRUSTSEC-2026-0177.