Skip to content

chore(deps): update dependency hackney to v3 #1327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency hackney to v3 #1327

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion mix.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ defmodule Cadet.Mixfile do
{:ex_rated, "~> 2.0"},
{:guardian, "~> 2.0"},
{:guardian_db, "~> 2.0"},
{:hackney, "~> 1.6"},
{:hackney, "~> 3.0"},
{:httpoison, "~> 2.3", override: true},
Comment on lines +75 to 76
Copy link
Copy Markdown

@sentry sentry bot Feb 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Updating hackney to v3.0 violates the version constraints of HTTPoison and ex_aws, which rely on the hackney v1.x API and will cause runtime failures.
Severity: CRITICAL

Suggested Fix

Do not upgrade hackney to ~> 3.0 in isolation. Instead, identify and upgrade all dependent libraries (like HTTPoison, ex_aws, etc.) to versions that are compatible with hackney v3.0. If compatible versions are not available, the hackney upgrade should be reverted.

Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: mix.exs#L75-L76

Potential issue: The pull request updates the `hackney` dependency to version `~> 3.0`.
However, several key dependencies in the project have strict version constraints that
are incompatible with this change. Specifically, `HTTPoison 2.3.0` requires `hackney ~>
1.21` and `ex_aws 2.5.9` requires `hackney ~> 1.16`. While the project uses `override:
true` to force the new version, `hackney` v3.0 introduces breaking API changes. This
will cause runtime failures when libraries like `HTTPoison` and `ex_aws` attempt to call
`hackney` functions that have changed or no longer exist, affecting features like
authentication, S3 file uploads, and autograding.

Did we get this right? 👍 / 👎 to inform future reviews.

{:jason, "~> 1.2"},
{:openai, "~> 0.6.2"},
Expand Down
Loading