chore: bump version to v0.6.1 and exclude buggy apache-tvm-ffi releases

[yzh119]

Summary

This PR bumps the FlashInfer version to v0.6.1 and updates the apache-tvm-ffi dependency to exclude buggy releases.

Changes

• Update version.txt to v0.6.1
• Add dependency exclusions for apache-tvm-ffi v0.1.8 and v0.1.8.post0 in both requirements.txt and pyproject.toml

Fixes #2346

Generated with Claude Code

Summary by CodeRabbit

Release Notes

• Chores
  • Version bumped to 0.6.1
  • Updated build and runtime dependencies to exclude problematic apache-tvm-ffi versions (0.1.8 and 0.1.8.post0)

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Version 0.6.1 release with dependency constraint tightening. Apache-tvm-ffi versions 0.1.8 and 0.1.8.post0 are explicitly excluded from acceptable ranges in build configuration and requirements, while the version string is incremented from 0.6.0 to 0.6.1.

Changes

Cohort / File(s)	Summary
Dependency Constraint Updates pyproject.toml, requirements.txt	Added exclusion constraints for apache-tvm-ffi versions 0.1.8 and 0.1.8.post0 in both build-system requires and general requirements; constraint now reads >=0.1.6,!=0.1.8,!=0.1.8.post0,<0.2
Version Bump version.txt	Project version incremented from 0.6.0 to 0.6.1

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• update version to 0.6.0 #2300: Similar version bump release work that updates version.txt, though targeting a different version (0.6.0 vs 0.6.1).

Poem

🐰 Hop, hop, dependencies take a skip!
Zero-point-eight versions gave us a trip.
Now excluded, those buggy releases are banned,
While 0.6.1 hops across the land. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes both main changes: bumping version to v0.6.1 and excluding buggy apache-tvm-ffi releases, directly reflecting the PR's primary objectives.
Description check	✅ Passed	The description adequately covers the PR's purpose with clear summary, specific changes listed, and reference to the linked issue, though it omits the PR checklist template sections.
Linked Issues check	✅ Passed	The PR fully addresses issue #2346 requirements: version bumped to v0.6.1, and apache-tvm-ffi dependency constraints exclude v0.1.8 and v0.1.8.post0 in both configuration files.
Out of Scope Changes check	✅ Passed	All changes are directly aligned with the linked issue #2346: version bump, and dependency constraint updates for apache-tvm-ffi with no extraneous modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6ba8058 and a9203b8.

📒 Files selected for processing (3)

• pyproject.toml
• requirements.txt
• version.txt

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-12-30T09:34:39.900Z

Learnt from: CR
Repo: flashinfer-ai/flashinfer PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-30T09:34:39.900Z
Learning: Applies to flashinfer/__init__.py : Export new operations in `flashinfer/__init__.py` to make them available as public API

Applied to files:

• pyproject.toml

📚 Learning: 2025-12-30T09:34:39.900Z

Learnt from: CR
Repo: flashinfer-ai/flashinfer PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-30T09:34:39.900Z
Learning: Applies to flashinfer/**/*.py : Use `flashinfer_api` decorator for debugging API calls, enable via `FLASHINFER_LOGLEVEL` environment variable (0=off, 1=basic, 3=detailed, 5=with stats)

Applied to files:

• pyproject.toml

📚 Learning: 2025-12-30T09:34:39.900Z

Learnt from: CR
Repo: flashinfer-ai/flashinfer PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-30T09:34:39.900Z
Learning: Applies to include/**/*.cuh : Kernel code in `include/flashinfer/` is automatically picked up by JIT compilation on changes - no pip reinstall needed

Applied to files:

• pyproject.toml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: build (cu128, arm64)
• GitHub Check: build (cu129, amd64)
• GitHub Check: build (cu128, amd64)
• GitHub Check: Deploy Docs
• GitHub Check: claude-review

🔇 Additional comments (3)

version.txt (1)

1-1: LGTM!

Version bump to 0.6.1 aligns with the release objectives.

requirements.txt (1)

1-1: LGTM!

The version constraint correctly excludes the buggy releases (0.1.8 and 0.1.8.post0) while maintaining the valid version range. The PEP 440 syntax is correct.

pyproject.toml (1)

29-32: LGTM!

The build-system dependency constraint for apache-tvm-ffi correctly mirrors the constraint in requirements.txt, ensuring consistency between build-time and runtime dependencies. Both correctly exclude the buggy 0.1.8 and 0.1.8.post0 releases.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @yzh119, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily focuses on a routine version increment for FlashInfer to v0.6.1 and a critical update to its dependency management. It ensures that the project avoids known problematic releases of the apache-tvm-ffi library, thereby enhancing stability and reliability.

Highlights

• Version Bump: The project version has been updated from v0.6.0 to v0.6.1 in version.txt.
• Dependency Exclusion: Specific buggy releases of apache-tvm-ffi (versions 0.1.8 and 0.1.8.post0) have been explicitly excluded from the project's dependencies in both requirements.txt and pyproject.toml.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[yzh119]

Wait for #2334 to be merged.

[gemini-code-assist]

Code Review

This pull request correctly bumps the version to v0.6.1 and updates the apache-tvm-ffi dependency to exclude buggy releases. The changes are consistent across pyproject.toml and requirements.txt. My review includes suggestions to improve maintainability by adding comments to the duplicated dependency specifications, which will help prevent them from becoming out of sync in the future.

[gemini-code-assist]

The dependency constraint for apache-tvm-ffi is duplicated here and in requirements.txt. This can lead to maintenance issues if they get out of sync. To mitigate this, consider making the requires list multi-line and adding a comment to remind developers to keep the versions synchronized. This improves readability and maintainability.

Suggested change

	requires = ["setuptools>=77", "packaging>=24", "apache-tvm-ffi>=0.1.6,!=0.1.8,!=0.1.8.post0,<0.2"]
	requires = [
	"setuptools>=77",
	"packaging>=24",
	# The constraint below is also in requirements.txt and should be kept in sync
	"apache-tvm-ffi>=0.1.6,!=0.1.8,!=0.1.8.post0,<0.2",
	]

[gemini-code-assist]

To improve maintainability, it's good practice to add a comment here to note that this dependency constraint for apache-tvm-ffi is also defined in pyproject.toml under [build-system].requires. This helps prevent them from getting out of sync in the future.

# This constraint is also in pyproject.toml's [build-system] and should be kept in sync.
apache-tvm-ffi>=0.1.6,!=0.1.8,!=0.1.8.post0,<0.2

[claude]

Code Review Summary

This PR looks good overall! It properly addresses the apache-tvm-ffi dependency issue and follows the project's versioning scheme. Here's my detailed review:

✅ Strengths

1. Correct version bump: The bump from v0.6.0 → v0.6.1 follows the documented versioning scheme correctly. According to CLAUDE.md, patch versions are for "backwards-compatible bug fixes," which is exactly what this is (excluding buggy dependency versions).

2. Consistent dependency exclusions: The apache-tvm-ffi exclusions are applied consistently in both locations:

   • pyproject.toml (build-system.requires)
   • requirements.txt (runtime dependencies)

3. Valid PEP 440 syntax: The dependency specifier apache-tvm-ffi>=0.1.6,!=0.1.8,!=0.1.8.post0,<0.2 is syntactically correct and follows Python packaging standards.

4. Clear documentation: The commit message and PR description clearly explain the rationale.

📝 Minor Suggestions

1. CHANGELOG.md update: Consider adding an entry to CHANGELOG.md for v0.6.1. While the CHANGELOG currently only goes up to v0.2.1, maintaining it would help users understand what changed between versions. Example:

   ## [0.6.1] - 2026-01-13
   
   ### Fixed
   - Exclude buggy apache-tvm-ffi releases (v0.1.8, v0.1.8.post0) to prevent installation issues

2. Document the TVM-FFI issue: It might be helpful to add a comment in the code or documentation explaining why these specific versions are excluded (e.g., what bug they contain). This would help future maintainers understand the context. However, this is optional since the issue/PR trail provides context.

🔍 Verification Checks

✅ Version syntax is valid
✅ Dependency specifier follows PEP 440
✅ Changes are minimal and focused
✅ No breaking changes
✅ Follows project conventions
✅ Appropriate for patch release

Security & Performance

No security or performance concerns. This is a pure dependency management change that prevents installation of known-buggy versions.

Test Coverage

This type of change (version bump + dependency exclusion) doesn't require new tests. The existing test suite will validate that the allowed TVM-FFI versions work correctly.

---

Recommendation: ✅ Approve with optional suggestion to update CHANGELOG.md

The PR is ready to merge as-is. The CHANGELOG update is a nice-to-have but not blocking.