Skip to content

build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Stivo182 merged 1 commit into from
Jan 30, 2026
Merged

build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages #30

Stivo182 merged 1 commit into from
Jan 30, 2026

Conversation

@Stivo182
Copy link
Owner

@Stivo182 Stivo182 commented Nov 10, 2025
edited by coderabbitai bot
Loading

  • annotations: 1.3.1 → 1.4.0
    (repo · hub)
  • asserts: 1.5.0 → 1.6.1
    (repo · hub)
  • autumn: 4.3.11 → 4.3.12
    (repo · hub)
  • lambdas: 0.3.2 → 0.3.3
    (repo · hub)

Summary by CodeRabbit

  • Chores
    • Updated dependency versions to the latest releases for annotations, asserts, autumn, and lambdas packages.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Nov 10, 2025
edited
Loading

📝 Walkthrough

Walkthrough

Updated four dependency declarations in packagedef: annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1, autumn 4.3.11 → 4.3.12, lambdas 0.3.2 → 0.3.3; no other files or logic changed.

Changes

Cohort / File(s) Summary
Dependency Version Updates
packagedef		 Bumped dependency versions: ЗависитОт("annotations", "1.3.1")ЗависитОт("annotations", "1.4.0"), ЗависитОт("asserts", "1.5.0")ЗависитОт("asserts", "1.6.1"), ЗависитОт("autumn", "4.3.11")ЗависитОт("autumn", "4.3.12"), ЗависитОт("lambdas", "0.3.2")ЗависитОт("lambdas", "0.3.3").

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 I hopped through lines with nimble paws,
Four tiny bumps to tidy the cause.
Annotations, asserts, autumn, lambdas — done,
A quick tidy-up, then off to run.
🥕

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change—updating four package dependencies with specific version numbers, matching the changeset contents.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch depos/bump-deps/latest

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@Stivo182 Stivo182 force-pushed the depos/bump-deps/latest branch from a507738 to 1936a0f Compare November 17, 2025 01:07
@Stivo182 Stivo182 changed the title build(deps): Bump annotations 1.3.1 → 1.4.0 build(deps): Bump annotations 1.3.1 → 1.4.0, lambdas 0.3.2 → 0.3.3 Nov 17, 2025
@Stivo182 Stivo182 force-pushed the depos/bump-deps/latest branch from 1936a0f to 2346626 Compare November 24, 2025 01:10
@Stivo182 Stivo182 changed the title build(deps): Bump annotations 1.3.1 → 1.4.0, lambdas 0.3.2 → 0.3.3 build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.0 and 1 more package Nov 24, 2025
coderabbitai[bot]
coderabbitai bot reviewed Nov 24, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1936a0f and 2346626.

📒 Files selected for processing (1)
  • packagedef (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (14)
  • GitHub Check: test (stable) / build (ubuntu-latest, stable)
  • GitHub Check: test (dev) / build (windows-latest, dev)
  • GitHub Check: test (dev) / build (macos-latest, dev)
  • GitHub Check: test (stable) / build (macos-latest, stable)
  • GitHub Check: test (dev) / build (ubuntu-latest, dev)
  • GitHub Check: test (stable) / build (windows-latest, stable)
  • GitHub Check: sonar / test
  • GitHub Check: test (stable) / build (macos-latest, stable)
  • GitHub Check: sonar / test
  • GitHub Check: test (stable) / build (ubuntu-latest, stable)
  • GitHub Check: test (dev) / build (windows-latest, dev)
  • GitHub Check: test (dev) / build (ubuntu-latest, dev)
  • GitHub Check: test (stable) / build (windows-latest, stable)
  • GitHub Check: test (dev) / build (macos-latest, dev)
🔇 Additional comments (1)
packagedef (1)

22-22: Verify all three dependency versions exist on hub.oscript.io before merging.

Unable to confirm via GitHub API or web search whether versions 1.4.0 (annotations), 1.6.0 (asserts), and 0.3.3 (lambdas) exist or have security issues. Please manually verify these versions are available on the package hub and check for any known security vulnerabilities before merging.

packagedef
.ЗависитОт("coloratos", "0.3.0")
.ЗависитОт("fluent", "0.6.1")
.ЗависитОт("lambdas", "0.3.2")
.ЗависитОт("lambdas", "0.3.3")
Copy link

@coderabbitai coderabbitai bot Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify the lambdas 0.3.3 version exists and check for security advisories.

Please verify that version 0.3.3 of the lambdas package exists and has no known vulnerabilities.

🏁 Script executed:

#!/bin/bash
# Description: Verify lambdas version 0.3.3 exists

# Check oscript-library for lambdas package
echo "Checking for lambdas package version 0.3.3..."
gh api repos/oscript-library/lambdas/releases --jq '.[] | select(.tag_name | contains("0.3.3")) | {tag_name, published_at, body}'

# Alternative: Check tags
gh api repos/oscript-library/lambdas/tags --jq '.[] | select(.name | contains("0.3.3")) | .name'

Length of output: 45


---

🏁 Script executed:

```shell
#!/bin/bash
# Try to list all repos in oscript-library to find lambdas
gh repo list oscript-library --limit 200 | grep -i lambda

Length of output: 117


---

🏁 Script executed:

```shell
#!/bin/bash
# Get all releases and tags for lambdas repository
echo "=== Releases ===" 
gh api repos/oscript-library/lambdas/releases --paginate --jq '.[] | {tag_name, published_at, draft, prerelease}'

echo ""
echo "=== Tags ===" 
gh api repos/oscript-library/lambdas/tags --paginate --jq '.[] | .name'

Length of output: 37

lambdas version 0.3.3 does not exist in the repository.

The oscript-library/lambdas repository only contains a single tag: v0.1.0. The version 0.3.3 referenced in the dependency update does not exist, making this an invalid version specification.

🤖 Prompt for AI Agents 
In packagedef around line 28, the dependency entry .ЗависитОт("lambdas",
"0.3.3") references a non‑existent version; replace "0.3.3" with the actual
available tag (e.g., "v0.1.0") or the correct version string from the
oscript-library/lambdas repo, or remove the dependency if it’s not needed, then
run the dependency validation to ensure the new version exists.

@Stivo182 Stivo182 force-pushed the depos/bump-deps/latest branch from 2346626 to 496c971 Compare December 1, 2025 01:19
@Stivo182 Stivo182 changed the title build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.0 and 1 more package build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages Dec 1, 2025
@Stivo182 Stivo182 force-pushed the depos/bump-deps/latest branch 2 times, most recently from 21c38d0 to cfdeb55 Compare January 29, 2026 21:02
@Stivo182 Stivo182 changed the title build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 1 more package Jan 29, 2026
@Stivo182 Stivo182 changed the title build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 1 more package build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages Jan 30, 2026
@Stivo182 Stivo182 force-pushed the depos/bump-deps/latest branch from cfdeb55 to 3502290 Compare January 30, 2026 07:13
@sonar-openbsl-ru-qa-bot
Copy link

sonar-openbsl-ru-qa-bot bot commented Jan 30, 2026

Passed Quality Gate passed

Issues

Measures

Project ID: benchmark

View in SonarQube

@Stivo182 Stivo182 merged commit 2cd11f5 into main Jan 30, 2026
32 checks passed
@Stivo182 Stivo182 deleted the depos/bump-deps/latest branch February 2, 2026 01:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Stivo182