Skip to content

Upgrade Core and Blaze#925

Merged
jviotti merged 1 commit into
mainfrom
new-deps-2
Jul 8, 2026
Merged

Upgrade Core and Blaze#925
jviotti merged 1 commit into
mainfrom
new-deps-2

Conversation

@jviotti

@jviotti jviotti commented Jul 8, 2026

Copy link
Copy Markdown
Member

Signed-off-by: Juan Cruz Viotti jv@jviotti.com

Review in cubic

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 368 files

Note: This PR contains a large number of files. cubic only reviews up to 200 files per PR, so some files may not have been reviewed. cubic prioritizes the most important files to review.

Re-trigger cubic

@augmentcode

augmentcode Bot commented Jul 8, 2026

Copy link
Copy Markdown
🤖 Augment PR Summary

Summary: This PR upgrades the vendored core and blaze dependencies used by jsonbinpack.

Changes:

  • Bumps the pinned core and blaze SHAs in DEPENDENCIES (and in the vendored Blaze dependency list).
  • Updates Blaze’s CMake configuration to replace the former “documentation” component with a “canonicalizer” component and wires it into the build/test layout.
  • Extends Blaze’s JavaScript port with improved error descriptions and a new “evaluate without callback” execution path for some fused instructions.
  • Pulls in a large set of Core changes, including new crypto helpers (HMAC/SHA512, signing utilities), improved randomness APIs, and JSON-LD recursion-depth guarding.
  • Refreshes Core’s text/URI helper APIs (e.g., hex digit decoding) and updates internal users accordingly.
  • Includes multiple documentation and API-safety adjustments across the vendored libraries.

Notes: The bulk of the diff is dependency/vendor code updates; the main integration risk is build-option/API mismatches between jsonbinpack’s build glue and the upgraded vendored projects.

🤖 Was this summary useful? React with 👍 or 👎

@augmentcode augmentcode Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review completed. 2 suggestions posted.

Fix All in Augment

Comment augment review to trigger a new review at any time.

? evaluateInstructionTracked
: evaluateInstructionFast;
evaluator.callbackMode = false;
const result = evaluateInstruction(instruction, instance, depth, template, evaluator);

@augmentcode augmentcode Bot Jul 8, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

vendor/blaze/ports/javascript/index.mjs:703-713evaluateInstructionWithoutCallback restores evaluateInstruction/evaluator.callbackMode only on the normal return path; if evaluateInstruction(...) throws, the dispatcher/callback mode can remain mutated for subsequent evaluations. Consider ensuring the restoration happens on exception paths as well so a single failure can’t corrupt evaluator state.

Severity: medium

Fix This in Augment

🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.

option(BLAZE_ALTERSCHEMA "Build the Blaze alterschema rule library" ON)
option(BLAZE_CODEGEN "Build the Blaze codegen library" ON)
option(BLAZE_DOCUMENTATION "Build the Blaze documentation generator library" ON)
option(BLAZE_CANONICALIZER "Build the Blaze canonicalizer library" ON)

@augmentcode augmentcode Bot Jul 8, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

vendor/blaze/CMakeLists.txt:15 — this introduces BLAZE_CANONICALIZER in place of the old BLAZE_DOCUMENTATION option, but jsonbinpack’s cmake/FindBlaze.cmake still sets BLAZE_DOCUMENTATION OFF before add_subdirectory(vendor/blaze). That means the canonicalizer component will stay enabled unexpectedly, potentially changing what gets built/linked in this repo.

Severity: medium

Fix This in Augment

🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.

Signed-off-by: Juan Cruz Viotti <jv@jviotti.com>
@jviotti jviotti merged commit 183f333 into main Jul 8, 2026
12 checks passed
@jviotti jviotti deleted the new-deps-2 branch July 8, 2026 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant