chore(deps): bump aeo-audit to 4.0.1 + gated auto-bump CI (v4.83.0)#708
Merged
Conversation
Bump the @ainyc/aeo-audit engine 3.0.0 -> 4.0.1 (exact pin, API-compatible: workspace typecheck + the full 4486-test suite pass). The pin stays exact so each engine bump — aeo-audit ships breaking majors — is gated by CI before it lands. Add scripts/bump-aeo-audit.mjs (resolves npm latest, rewrites both package.json pins) and a scheduled Bump-aeo-audit workflow that runs the bump through typecheck + tests and opens a PR only if green. The workflow leaves canonry's own version alone by default, so a new engine ships with the next canonry release. Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The auto-bump gate ran only typecheck + test, but ci.yml's required validate gate also runs lint and build. Since @ainyc/aeo-audit is bundled into the published package via tsup, a breaking major can break the bundle without failing typecheck — and the default-GITHUB_TOKEN path means ci.yml won't re-run on the opened PR. Add Lint and Build (pnpm -r run build, matching ci.yml) before the test suite, and keep the gate descriptions + PR body in sync. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the
@ainyc/aeo-auditaudit engine and adds automation so it stays current.3.0.0 → 4.0.1. The 3→4 major is API-compatible — workspace typecheck and the full 4486-test suite pass with no code changes. Canonry4.82.0 → 4.83.0.scripts/bump-aeo-audit.mjs: resolves npm'slatest, rewrites bothpackage.jsonpins (canonry + worker); runnable locally as a release step.Bump aeo-auditworkflow: weekly + on-demand — runs the bump through typecheck + tests and opens a PR only when green. The pin stays exact so each breaking-major bump is gated before it lands; the workflow leaves canonry's own version alone by default, so a new engine ships with the next canonry release.