chore(deps): bump packages and preserve agents init note styling#186
Conversation
Refresh runtime and toolchain deps to latest, and keep dim note() text in agents init after @clack/prompts 1.6 changed the default formatter.
🦋 Changeset detectedLatest commit: cc29511 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
Warning Review limit reached
Next review available in: 55 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (11)
📝 WalkthroughWalkthroughBumps several runtime and dev dependencies ( ChangesDependency bumps and clack styling fix
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/agents-init-interactive.ts`:
- Around line 1-2: The CLI startup path in agents-init-interactive.ts uses
node:util.styleText, which breaks on Bun versions below 1.0.31. Update the Bun
engine requirement to match the minimum needed for styleText, or replace
styleText usage with a compatible fallback in the relevant startup/init code so
the path works on the currently advertised Bun range.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 9e684a8c-a4b7-4bb3-9aad-53875119b1f2
⛔ Files ignored due to path filters (1)
bun.lockis excluded by!**/*.lock
📒 Files selected for processing (3)
.changeset/deps-bump-clack-oxc.mdpackage.jsonsrc/agents-init-interactive.ts
Re-sync bun.lock workspace metadata to pinned versions, consumer-clean changeset copy, and regression test for agents init note dim styling.
# Conflicts: # bun.lock # package.json
…reformat - @clack/prompts 1.6.0 → 1.7.0 - oxc-parser 0.137.0 → 0.139.0 - oxc-resolver 11.21.3 → 11.23.0 - package-manager-detector 1.6.0 → 1.7.0 - @typescript/native-preview 7.0.0-dev.20260706.1 → 20260707.2 - oxfmt 0.57.0 → 0.58.0, oxlint 1.72.0 → 1.73.0 oxfmt 0.58 drops for-loop trailing-space and markdown table padding; reformat src/worker-pool.ts + docs/plans/perf-triangulation-rollout.md. Also fix a pre-existing broken markdown table in the plan doc (unescaped pipe in a cell + phantom 3rd separator column). GHSA zod cleared-at-current (4.4.3 > 3.22.3 fix). bun audit clean. check + build green.
Delta-driven dependency-upgrade workflow: a script gathers release deltas,
GHSA advisories, and codemap usage sites into one JSON artifact; the agent
reads it and judges. Ported from merchant-dashboard-v2 and adapted to
codemap's CI mirror (bun run check + bun audit blocking on high/critical).
- .agents/skills/upgrade-packages/{SKILL,REFERENCE}.md + .cursor symlink
- scripts/upgrade-packages/evidence.ts — evidence gatherer (gh api +
bun pm view + codemap usage); HIGH_RISK retuned to codemap deps
(better-sqlite3, oxc-parser/resolver, lightningcss, zod, mcp sdk,
chokidar, tsdown)
- scripts/upgrade-packages/.gitignore — dir-local ignore for the
transient artifact.json + .cache/ (1h TTL gh release/advisory cache)
- package.json — upgrade-packages:evidence script alias
- .oxfmtrc.json — ignore the colocated artifact + cache
agents-init-interactive.ts uses node:util.styleText (introduced in d368004 to preserve dim note() body text), which Bun added in 1.0.31. The declared bun engine floor was >=1.0.0 — tighten to match the actual runtime requirement. Node floor (^20.19.0) already covers styleText (added in 20.12.0). CodeRabbit review on #186.
a8290f8 to
0c7b4dc
Compare
Summary
Deps bump (run via the new
upgrade-packagesskill below):@clack/prompts1.6.0 → 1.7.0oxc-parser0.137.0 → 0.139.0oxc-resolver11.21.3 → 11.23.0package-manager-detector1.6.0 → 1.7.0@typescript/native-preview7.0.0-dev.20260706.1 → 20260707.2oxfmt0.57.0 → 0.58.0,oxlint1.72.0 → 1.73.0Tooling: adopt the
upgrade-packagesskill + evidence script (scripts/upgrade-packages/) — a delta-driven dep-upgrade workflow (script gathers release deltas, GHSA advisories, codemap usage sites into one JSON artifact; agent reads + judges). Ported from merchant-dashboard-v2, adapted to codemap's CI mirror. Dir-local.gitignorehandles its own transientartifact.json+.cache/.Formatting: oxfmt 0.58 drops the for-loop trailing space and markdown table cell padding; reformatted
src/worker-pool.ts+docs/plans/perf-triangulation-rollout.md. Also fixed a pre-existing broken markdown table in that plan doc (unescaped|in a cell + phantom 3rd separator column).Pre-existing (from initial branch commit): preserve dim
note()body text incodemap agents init --interactiveafter@clack/prompts1.6 changed the default formatter.hono/js-yaml/qs/zodoverrides unchanged.Security
GHSA
zod(GHSA-m95q-7qp3-xv42, CVE-2023-4316) —cleared-at-current(installed 4.4.3 > fixed-in 3.22.3).bun auditclean.Test plan
bun run check(build, format:check, lint:ci, test, test:scripts, typecheck, test:golden, test:agent-eval)bun run buildbun audit— no vulnerabilities