Conversation
- Update paradigmxyz/reth tag from v1.11.0 to v1.11.3 - Bump deps/optimism submodule to 681867a2ed9707a976da302c488440ed76851242 (op-reth v1.11.3 compatible) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Previously TreeConfig was constructed from scratch with only persistence_threshold and memory_block_buffer_target, silently ignoring all other engine flags including --engine.legacy-state-root. Replace with builder.config().engine.tree_config() which applies all engine CLI arguments. This fixes the runtime panic: "wait_cloned must not be called from a rayon worker thread" When --engine.legacy-state-root is passed, tree_config() sets legacy_state_root=true, which causes use_state_root_task() to return false, selecting StateRootStrategy::Parallel and bypassing ProofWorkerHandle entirely. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Code Review: feat: upgrade op-reth with reth v1.11.3Summary: This PR bumps the upstream reth dependency from v1.11.0 to v1.11.3 (patch release), updates the Issues🟡 Warning — Draft PR: This PR is currently in draft state. Ensure CI passes and the draft is promoted to ready-for-review before merge. 🟡 Warning — Submodule bump unverified: The cd deps/optimism && git log --oneline -1and confirm it matches the expected op-node v1.16.8 tag or release commit. 🔵 Suggestion — No reth changelog summary: The PR description links to the op-node release but doesn't summarize what changed between reth v1.11.0 and v1.11.3. It would be helpful to add a brief note on the key fixes/changes included in the three patch releases (v1.11.1, v1.11.2, v1.11.3) to help future reviewers understand the motivation and any potential behavioral changes. Positives
VerdictNeeds Discussion — The change itself is straightforward and well-executed. The two items to resolve before merging:
Reviewed by Claude Code |
* main: fix(claude): dup comments @review and unwarranted auth step trigger (#202) feat(intercept): add bridge intercept in flashblocks (#177) add github token to claude step (#201) restore id-token (#200) fix: resolve Node compile issue, use nightly formatting, pin Rust to 1.93, and fix Claude 401s (#198) feat: integrate legacy migrate tool into bin/tools crate (#196) refactor(node): clean up main.rs (#187) feat(ci): restrict to PR author as triggerman (#195)
The github-script REST client was silently swallowing API errors (e.g. auth/permission failures), leaving has_alerts=false and causing all downstream steps to be skipped with no visible reason. Switch to gh CLI with GH_TOKEN so failures exit loudly with a clear error message. Also simplifies the code by doing the JSON filtering and reshaping in a single jq expression.
The Dependabot REST API returns 404 for GITHUB_TOKEN even with security-events: read in many org configurations. Switch to cargo audit --json which uses the same RustSec advisory database that Dependabot uses for Rust, needs no API permissions, and provides richer data (installed version, exact patched ranges, CVSS vector). Also drop the now-unnecessary security-events: read and id-token: write permissions from the job.
* main: fix(ci): switch from dependabot API to cargo audit fix(ci): use gh CLI to fetch dependabot alerts feat(claude): let AI sort out security issues (#203)
This reverts commit 9ab89c3.
This reverts commit 6c6335f.
1 participant
https://github.com/ethereum-optimism/optimism/commits/op-reth/v1.11.3/