Skip to content

deps: fix cargo-deny bans failure from duplicate crate versions#288

Merged
ooloth merged 2 commits into
mainfrom
agent/TASK-0010
Jun 14, 2026
Merged

deps: fix cargo-deny bans failure from duplicate crate versions#288
ooloth merged 2 commits into
mainfrom
agent/TASK-0010

Conversation

@ooloth

@ooloth ooloth commented Jun 6, 2026
edited
Loading

Copy link
Copy Markdown
Owner

✅ What

  • Fixes the failing check / deny CI job by removing two duplicate crate versions that cargo deny check bans rejected
  • itertools now resolves to a single version (0.13): the direct hub-tui dependency is pinned down to match what ratatui already pulls in — only with_position()/Position are used, an API identical across both versions
  • unicode-width joins the documented skip list: its 0.1.14/0.2.0 split lives entirely inside ratatui's transitive tree and can't be unified without an upstream change
  • Drops the now-unnecessary crossterm skip, which had collapsed to a single version and was triggering a cargo-deny warning
  • Drive-by fix found while completing this task: the completion steps injected into every dispatched agent session told agents to run hub task link <ID> <path>, but the CLI requires the path via --value. Corrected the injected command and added a test so it can't drift from the CLI again

🤔 Why

  • A red CI run blocks merges; this gets the deny gate green again so dependency-policy violations stay meaningful instead of being a standing failure
  • The dispatch fix removes a guaranteed first-attempt error every agent hit when registering its session log

👩‍🔬 How to validate

  • Check out this branch
  • Run cargo deny check bans advisories sources
  • Expect to see advisories ok, bans ok, sources ok and a clean exit (no duplicate-entry errors, no unnecessary-skip warning)
  • Run cargo clippy -- -D warnings and cargo nextest run
  • Expect both to pass — the itertools downgrade compiles cleanly and all tests stay green
  • Confirm the dispatch fix: the test build_task_prompt_includes_task_id_in_completion_steps now asserts the hub task link ... --value ... form

🔖 Related links

@ooloth
deps: fix cargo-deny bans failure from duplicate crate versions
7dae095 
Task: TASK-0010

The CI deny job (cargo deny check bans) failed with exit code 2 because
two crates resolved to two versions each, which the bans config denies.

itertools resolved to both 0.13 (via ratatui 0.29) and 0.14 (a direct
hub-tui dependency). Only with_position()/Position are used here, an API
identical in both versions, so the direct dependency is pinned down to
0.13 to unify on a single version.

unicode-width resolved to both 0.1.14 (via unicode-truncate) and 0.2.0
(via ratatui and tui-textarea). This split lives entirely inside
ratatui's transitive tree and is not controllable without an upstream
change, so it joins the documented skip list.

The crossterm skip is removed: it now resolves to a single version, so
the skip was unnecessary and cargo-deny warned about it.
Copilot AI review requested due to automatic review settings June 6, 2026 02:43
Copilot AI reviewed Jun 6, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR restores a green cargo deny check bans CI run by unifying duplicate crate versions where possible (notably itertools) and adjusting the cargo-deny skip list for a transitive-only split (unicode-width) that can’t be resolved locally.

Changes:

  • Pin hub-tui’s direct itertools dependency to 0.13 to match ratatui 0.29 and eliminate the duplicate-version ban.
  • Update deny.toml bans skip list: remove crossterm (no longer duplicated) and add unicode-width (0.1/0.2 split in ratatui’s transitive tree).
  • Regenerate Cargo.lock to reflect the unified itertools version (and removed itertools 0.14.0 entry).

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File Description
ui/tui/Cargo.toml Pins itertools to 0.13 with rationale to avoid cargo-deny duplicate-version bans.
deny.toml Adjusts the bans skip list to match actual unavoidable duplicate-version splits.
Cargo.lock Removes the extra itertools 0.14.0 lock entry and normalizes dependencies to a single itertools version.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ooloth
dispatch: fix injected hub task link command syntax
6dce04c 
The completion steps injected into every dispatched agent session told
the agent to run `hub task link <ID> <path>`, but the CLI requires the
path to be passed via `--value`. A bare positional path is rejected with
"unexpected argument", so every agent hit the error and had to discover
the correct flag before it could register its session log.

The injected command now matches the CLI signature, and the
completion-steps test asserts the `--value` form so the instruction can
no longer drift from the actual interface.
@ooloth ooloth added the author:agent This was authored by an agent. label Jun 6, 2026
@ooloth ooloth merged commit 5ac9258 into main Jun 14, 2026
1 check passed
@ooloth ooloth deleted the agent/TASK-0010 branch June 14, 2026 23:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

author:agent This was authored by an agent.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ooloth