chore: Consolidate dependency updates from Dependabot PRs #1-#6 #7
Conversation
Consolidates all 6 open Dependabot PRs into a single update: Cargo Dependencies: - rand: 0.8.5 -> 0.9.2 (with API migration: thread_rng -> rng, gen_range -> random_range, SliceRandom -> IndexedRandom) GitHub Actions: - actions/checkout: v4 -> v6 - actions/cache: v4 -> v5 - actions/upload-artifact: v4 -> v6 - actions/download-artifact: v4 -> v7 - softprops/action-gh-release: v1 -> v2 All updates are Node.js 24 compatible and require Actions Runner v2.327.1+. Closes #1, #2, #3, #4, #5, #6 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Summary of ChangesHello @doublegate, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request centralizes and applies multiple pending dependency updates, primarily focusing on the Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request is a great consolidation of multiple dependency updates, including a major update for the rand crate and several GitHub Actions. The code changes correctly migrate to the new rand v0.9 API for the most part. My review includes a couple of suggestions to replace the use of an unstable rand API function with its stable (though deprecated) predecessor to improve long-term stability.
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR consolidates 6 Dependabot dependency updates into a single tested update, addressing both Cargo dependencies and GitHub Actions versions.
Changes:
- Upgraded
randfrom 0.8.5 to 0.9.2 with corresponding API migrations (rng(), random_range(), prelude imports) - Updated 5 GitHub Actions to Node.js 20/24 compatible versions requiring minimum runner v2.327.1
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| Cargo.toml | Updated rand dependency from 0.8 to 0.9 |
| Cargo.lock | Updated rand and related transitive dependencies to 0.9.x versions |
| src/game/mod.rs | Migrated to rand 0.9 API: thread_rng() → rng(), gen_range() → random_range(), imports via prelude |
| .github/workflows/ci.yml | Updated actions/checkout (v4→v6) and actions/cache (v4→v5) to Node.js 24 versions |
| .github/workflows/release.yml | Updated all actions to latest major versions (checkout v6, cache v5, upload-artifact v6, download-artifact v7, action-gh-release v2) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| - name: Create GitHub Release | ||
| uses: softprops/action-gh-release@v1 | ||
| uses: softprops/action-gh-release@v2 |
There was a problem hiding this comment.
The PR description states "All GitHub Actions updates are Node.js 24 compatible", but softprops/action-gh-release@v2 actually uses Node.js 20, not Node.js 24. While this doesn't affect functionality (both are supported by runner v2.327.1), the description should be corrected for accuracy. Consider changing it to "All GitHub Actions updates are compatible with Node.js 20+ and minimum runner v2.327.1" or similar.
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
Migrate remaining `gen_range` calls to `random_range` for rand 0.9 compatibility. The previous commits missed two occurrences at lines 1223 and 1958 that caused CI failures with -D warnings. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Summary
Consolidates all 6 open Dependabot PRs into a single, tested update:
Cargo Dependencies
0.8.5->0.9.2thread_rng()->rng()gen_range()->random_range()SliceRandom->IndexedRandom(via prelude)GitHub Actions
actions/checkoutactions/cacheactions/upload-artifactactions/download-artifactsoftprops/action-gh-releaseNotes
Test Plan
cargo fmt --check- formatting verifiedcargo clippy --all-targets -- -D warnings- no warningscargo build --release- release build successfulcargo check --all-targets- all targets compileCloses
Closes #1, #2, #3, #4, #5, #6
Generated with Claude Code