chore: update @probelabs/probe to v0.6.0-rc236

[probelabs]

This PR updates @probelabs/probe to version v0.6.0-rc236.

Triggered by release: probelabs/probe@v0.6.0-rc236

Changes

• Updates @probelabs/probe dependency to v0.6.0-rc236

🤖 Auto-generated by release workflow

[probelabs]

PR Overview: Update @probelabs/probe to v0.6.0-rc236

Summary

This PR updates the @probelabs/probe dependency from version 0.6.0-rc233 to 0.6.0-rc236. This is an automated dependency update triggered by the probelabs/probe release workflow.

Files Changed

• package.json: Updated @probelabs/probe version constraint from ^0.6.0-rc233 to ^0.6.0-rc236
• package-lock.json: Updated the locked version and integrity checksum for @probelabs/probe

Notable Changes in Dependency Tree

The update includes a significant change in the @probelabs/probe package's dependencies:

• @nyariv/sandboxjs: Changed from npm registry version ^0.8.32 to a GitHub reference github:probelabs/SandboxJS
  • This indicates the package now uses a forked or development version from GitHub rather than the published npm package
  • The nested dependency entry for version 0.8.33 was removed from the lockfile

Architecture & Impact Assessment

What This PR Accomplishes

• Bumps the Probe SDK to the latest release candidate (rc236)
• Updates transitive dependencies within the Probe package

Key Technical Changes

1. Version Update: 0.6.0-rc233 → 0.6.0-rc236
2. Dependency Source Change: @nyariv/sandboxjs now references github:probelabs/SandboxJS instead of npm registry

Affected System Components

The @probelabs/probe package is used extensively throughout the codebase:

• AI Review Service (src/ai-review-service.ts): Uses ProbeAgent and ProbeAgentOptions for AI-powered code review
• Session Registry (src/session-registry.ts): Manages AI agent sessions
• Diff Processor (src/utils/diff-processor.ts): Uses the extract utility
• Tracer Initialization (src/utils/tracer-init.ts): Uses SimpleTelemetry and SimpleAppTracer for debugging/tracing
• Engine Context Builder (src/state-machine/context/build-engine-context.ts): Dynamically requires the package
• Test Suite: Extensively mocked across unit, integration, and E2E tests

Component Relationships

graph TD
    A[visor package] --> B["@probelabs/probe v0.6.0-rc236"]
    B --> C["@nyariv/sandboxjs github:probelabs/SandboxJS"]
    B --> D["@anthropic-ai/claude-agent-sdk"]
    B --> E["@modelcontextprotocol/sdk"]
    B --> F["@ai-sdk/openai"]
    
    A --> G[AI Review Service]
    A --> H[Session Registry]
    A --> I[Diff Processor]
    A --> J[Tracer Init]
    
    G --> B
    H --> B
    I --> B
    J --> B

Loading

Scope Discovery & Context Expansion

Direct Impact Areas

1. Core AI Functionality: The ProbeAgent is central to AI-powered code review features
2. Telemetry/Debugging: SimpleTelemetry and SimpleAppTracer are used for production debugging
3. Test Infrastructure: All tests use mocked versions of ProbeAgent

Related Files to Verify

Based on the usage patterns, the following areas should be verified post-deployment:

• CI/CD Pipelines: Ensure the GitHub reference for @nyariv/sandboxjs resolves correctly in build environments
• Test Suites: Verify mocks still align with the new Probe version's API
• Telemetry Output: Confirm trace file generation works with updated SimpleTelemetry
• AI Review Features: Validate that code review functionality remains intact

Risk Assessment

Low Risk - This is a minor version bump within the 0.6.0-rc series. The change from npm to GitHub reference for @nyariv/sandboxjs is notable but appears intentional (likely using a fork with specific fixes).

Recommendations for Reviewers:

1. Verify CI/CD builds successfully with the GitHub dependency reference
2. Check that test mocks in __mocks__/@probelabs/probe.ts remain compatible
3. Monitor for any runtime issues related to the sandboxjs dependency change

Labels

• Type: chore (dependency update)
• Review Effort: 1 (trivial - automated version bump with no code changes required)

Metadata

• Review Effort: 1 / 5
• Primary Label: chore

---

Powered by Visor from Probelabs

Last updated: 2026-02-16T20:01:27.860Z | Triggered by: pr_opened | Commit: f3fd345

💡 TIP: You can chat with Visor using /visor ask <your question>

[probelabs]

✅ Security Check Passed

No security issues found – changes LGTM.

Architecture Issues (2)

Severity	Location	Issue
🟠 Error	package.json:14	Duplicate dependency on @nyariv/sandboxjs creates version inconsistency risk. The package is specified directly with a specific commit hash (github:probelabs/SandboxJS#f1c13b8eee98734a8ea024061eada4aa9a9ff2e9) while @probelabs/probe now references it without a commit hash (github:probelabs/SandboxJS). This can lead to two different versions being installed, causing runtime inconsistencies, increased bundle size, and potential type mismatches. 💡 Suggestion Remove the direct dependency on @nyariv/sandboxjs from package.json and rely solely on the version provided by @probelabs/probe. If a specific commit is required, update @probelabs/probe's dependency to use the same commit hash, or use npm package overrides to ensure both resolve to the same version. 🔧 Suggested Fix "@nyariv/sandboxjs": "github:probelabs/SandboxJS#f1c13b8eee98734a8ea024061eada4aa9a9ff2e9" should be removed from dependencies section
🟠 Error	package-lock.json:6410	@probelabs/probe's transitive dependency on @nyariv/sandboxjs now resolves to GitHub without a commit hash, which is non-deterministic. Unlike the direct dependency which pins to commit f1c13b8eee98734a8ea024061eada4aa9a9ff2e9, the transitive dependency can resolve to different versions over time, breaking reproducibility and potentially causing different behavior across installations. 💡 Suggestion Use npm package overrides (overrides field in package.json) to force @probelabs/probe's @nyariv/sandboxjs dependency to resolve to the same commit hash as the direct dependency, or remove the direct dependency entirely and pin the version through @probelabs/probe's dependency resolution. 🔧 Suggested Fix Add to package.json: "overrides": { "@probelabs/probe/@nyariv/sandboxjs": "github:probelabs/SandboxJS#f1c13b8eee98734a8ea024061eada4aa9a9ff2e9" }

✅ Performance Check Passed

No performance issues found – changes LGTM.

✅ Quality Check Passed

No quality issues found – changes LGTM.

---

Powered by Visor from Probelabs

Last updated: 2026-02-16T20:01:30.453Z | Triggered by: pr_opened | Commit: f3fd345

💡 TIP: You can chat with Visor using /visor ask <your question>