chore: Non-breaking portgraph & pyo3 version bump (#2069)

aborgna-q · web-flow · commit 7626797017c9 · 2025-04-08T16:23:21.000Z
`portgraph` is about to [make a breaking release](CQCL/portgraph#194), and `pyo3` recently did so. Normally bumping the dependencies would require us to make a breaking release of `hugr`, but since in both cases there are no code changes required for the update we can do a loose version requirement instead, and let downstream dependents update both dependencies at their own pace. drive-by: Setup the MSRV CI check to use the minimal dependency versions, to ensure we don't break things in the future. This has de added benefit that we no longer need to pin dependencies in `Cargo.lock` if their newer versions bumped their MSRV (it currently happens with `half` and `zerofrom`)
diff --git a/.github/workflows/ci-rs.yml b/.github/workflows/ci-rs.yml
@@ -190,7 +190,8 @@ jobs:
       matrix:
         # Stable is covered by `tests-stable-no-features` and `tests-stable-all-features`
         # Nightly is covered by `tests-nightly-coverage`
-        rust: ["1.75", beta]
+        # MSRV is covered by `tests-msrv`
+        rust: [beta]
     name: tests (Rust ${{ matrix.rust }})
     steps:
       - uses: actions/checkout@v4
@@ -220,6 +221,59 @@ jobs:
         if: ${{ needs.changes.outputs.llvm == 'true'}}
         run: cargo test -p hugr-llvm --verbose --features llvm${{ env.LLVM_FEATURE_NAME }}
 
+  # Run tests on the minimum supported rust version, with minimal dependency versions
+  tests-msrv:
+    needs: changes
+    if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }}
+    runs-on: ubuntu-latest
+    name: tests (Rust MSRV, min dependencies)
+    steps:
+      - uses: actions/checkout@v4
+      - uses: mozilla-actions/sccache-action@v0.0.9
+      - name: Install MSRV toolchain
+        id: toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: "1.75"
+      - name: Install nightly toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          # Nightly must be installed for `cargo-minimal-versions` to work
+          toolchain: "nightly"
+      - name: Configure default rust toolchain
+        run: rustup override set ${{steps.toolchain.outputs.name}}
+      - name: Install LLVM and Clang
+        uses: KyleMayes/install-llvm-action@v2
+        with:
+          version: ${{ env.LLVM_VERSION }}
+      - uses: cargo-bins/cargo-binstall@main
+      - name: Install cargo-minimal-versions
+        run: |
+          cargo binstall cargo-hack --force
+          cargo binstall cargo-minimal-versions --force
+      - name: Pin transitive dependencies not compatible with our MSRV
+        # Add new dependencies as needed if the check fails due to
+        # "package `XXX` cannot be built because it requires rustc YYY or newer, while the currently active rustc version is 1.75.0"
+        run: |
+          rm Cargo.lock
+          cargo add -p hugr half@2.4.1
+          cargo add -p hugr litemap@0.7.4
+          cargo add -p hugr zerofrom@0.1.5
+      - name: Build with no features
+        run: cargo minimal-versions --direct test --verbose  --no-default-features --no-run
+      - name: Tests with no features
+        run: cargo minimal-versions --direct test --verbose  --no-default-features
+      - name: Build with all features
+        run: cargo minimal-versions --direct test --verbose  --all-features --no-run
+      - name: Tests with all features
+        run: cargo minimal-versions --direct test --verbose  --all-features
+      - name: Build hugr-llvm
+        if: ${{ needs.changes.outputs.llvm == 'true'}}
+        run: cargo minimal-versions --direct test -p hugr-llvm --verbose --features llvm${{ env.LLVM_FEATURE_NAME }} --no-run
+      - name: Tests hugr-llvm
+        if: ${{ needs.changes.outputs.llvm == 'true'}}
+        run: cargo minimal-versions --direct test -p hugr-llvm --verbose --features llvm${{ env.LLVM_FEATURE_NAME }}
+
   # Ensure that serialized extensions match rust implementation
   std-extensions:
     needs: [changes, tests-stable-all-features]
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -37,7 +37,6 @@ missing_docs = "warn"
 debug_assert_with_mut_call = "warn"
 
 [workspace.dependencies]
-portgraph = { version = "0.13.3" }
 insta = { version = "1.42.2" }
 bitvec = "1.0.1"
 capnp = "0.20.6"
@@ -53,16 +52,15 @@ jsonschema = "0.29.1"
 lazy_static = "1.4.0"
 num-rational = "0.4.1"
 paste = "1.0"
-petgraph = { version = "0.7.1", default-features = false }
 proptest = "1.4.0"
 proptest-derive = "0.5.0"
-regex = "1.9.5"
+regex = "1.10.6"
 regex-syntax = "0.8.3"
 rstest = "0.24.0"
 semver = "1.0.26"
-serde = "1.0"
+serde = "1.0.195"
 serde_json = "1.0.140"
-serde_yaml = "0.9.19"
+serde_yaml = "0.9.34"
 smol_str = "0.3.1"
 static_assertions = "1.1.0"
 strum = "0.27.0"
@@ -85,7 +83,12 @@ pest_derive = "2.8.0"
 pretty = "0.12.4"
 pretty_assertions = "1.4.1"
 zstd = "0.13.2"
-pyo3 = "0.23.4"
+
+# These public dependencies usually require breaking changes downstream, so we
+# try to be as permissive as possible.
+pyo3 = ">= 0.23.4, < 0.25"
+portgraph = { version = ">= 0.13.3, < 0.15" }
+petgraph = { version = ">= 0.7.1, < 0.9", default-features = false }
 
 [profile.dev.package]
 insta.opt-level = 3
