Skip to content

feat: Update all packages and pin Bun version #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: Update all packages and pin Bun version #15

wants to merge 1 commit into from

Conversation

DaxServer
Copy link
Contributor

@DaxServer DaxServer commented Aug 26, 2025
edited by coderabbitai bot
Loading

This commit updates all dependencies to their latest versions using bun update --latest.

It also pins the Bun version to 1.2.21 in the GitHub workflow files and pins @types/bun to 1.2.21 in package.json.

Summary by CodeRabbit

  • Chores
    • Updated CI workflows to use Bun 1.2.21 across lint, test, and release pipelines.
    • Upgraded dependencies and tooling: core SDK, Axios, TypeScript (peer), ESLint-related packages, and Bun type definitions.
    • No changes to public APIs or application behavior.

@google-labs-jules
feat: Update all packages and pin Bun version
d73cfde 
This commit updates all dependencies to their latest versions using `bun update --latest`.

It also pins the Bun version to 1.2.21 in the GitHub workflow files and pins `@types/bun` to 1.2.21 in `package.json`.
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Aug 26, 2025
edited
Loading

Walkthrough

Bumps Bun version in GitHub Actions workflows from 1.2.19 to 1.2.21 and updates several dependencies and devDependencies in package.json (eslint, @eslint/js, typescript-eslint, @types/bun, TypeScript peer, @modelcontextprotocol/sdk, axios). No functional workflow logic or public API changes.

Changes

Cohort / File(s) Summary of Changes
CI: Bun version bump
.github/workflows/lint.yml, .github/workflows/release.yml, .github/workflows/test.yml		 Updated Setup Bun bun-version from 1.2.19 to 1.2.21; no other workflow steps modified.
Dependencies update
package.json		 Updated dependencies/devDependencies: @eslint/js ^9.30.0→^9.34.0, eslint ^9.30.0→^9.34.0, typescript-eslint ^8.35.0→^8.41.0, @types/bun 1.2.19→1.2.21, peer typescript ^5.8.3→^5.9.2, @modelcontextprotocol/sdk 1.12.1→1.17.4, axios ^1.10.0→^1.11.0.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Poem

I thump my paws at version’s tune,
Bun hops ahead—now twenty-one point two-one soon!
Lint and tests, we swiftly run,
Dependencies bask beneath the sun.
A nibble of axios, a sprinkle of ESLint—
Ship it quick, with whisker’d glint. 🥕🐇

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch update-bun-and-packages

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Aug 26, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
.github/workflows/release.yml (1)

25-25: Bun 1.2.21 pin — OK; consider building explicitly before publish

PrepublishOnly will run the build, but adding an explicit “Build” step surfaces failures earlier in logs and keeps CI intent clear.

       - name: Install Dependencies
         run: bun install --frozen-lockfile

+      - name: Build
+        run: bun run build
+
       - name: Publish
         env:
           NPM_CONFIG_TOKEN: ${{ secrets.NPM_TOKEN }}
           TAG: ${{ github.event.release.prerelease && 'canary' || 'latest' }}
         run: bun publish --tag=${{ env.TAG }}
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

  • MCP integration is disabled by default for public repositories
  • Jira integration is disabled by default for public repositories
  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between bc95ba6 and d73cfde.

⛔ Files ignored due to path filters (1)
  • bun.lock is excluded by !**/*.lock
📒 Files selected for processing (4)
  • .github/workflows/lint.yml (1 hunks)
  • .github/workflows/release.yml (1 hunks)
  • .github/workflows/test.yml (1 hunks)
  • package.json (1 hunks)
🔇 Additional comments (4)
.github/workflows/lint.yml (1)

20-20: Pinning Bun to 1.2.21 — LGTM

Matches @types/bun 1.2.21 in package.json. No concerns.

.github/workflows/test.yml (1)

20-20: Bun 1.2.21 pin — LGTM

Consistent with lint and release workflows.

package.json (2)

43-49: Flat ESLint config detected; please verify linting with ESLint 9 & typescript-eslint 8.41

  • A flat-config file (eslint.config.js) is present at the project root.
  • Please run your lint script locally (e.g. npm run lint, yarn lint or bun run lint) to ensure ESLint 9 + typescript-eslint 8.41 produce no deprecation warnings or errors.

54-56: Sanity-check bumped dependencies before merge

The updates to @modelcontextprotocol/[email protected] and axios@^1.11.0 may introduce subtle API or behavioral changes. Please verify:

  • Type-checking still passes by running your build pipeline (e.g. 
    npm run build   # runs tsc && tsc-alias
    or 
    yarn build
```)
  • All automated tests still pass (e.g. 
    npm test
    or your project’s test runner). If you haven’t defined a test script, either add one or invoke your test command directly (e.g. jest, vitest, etc.).
  • Any critical integration points in your code that rely on these dependencies are still exercising the intended behavior.

Once you’ve confirmed both type-checks and tests are green and manually spot-checked key API calls, this bump is safe to merge.

package.json
},
"peerDependencies": {
"typescript": "^5.8.3"
"typescript": "^5.9.2"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Build may fail in Release: TypeScript is only a peerDependency

Release uses “prepublishOnly” -> “bun run build”, which runs tsc. Because TypeScript is listed only as a peerDependency, CI won’t install it during “bun install --frozen-lockfile”, and the build can fail. Add TypeScript as a devDependency (keep the peerDependency for consumers).

   "devDependencies": {
     "@eslint/js": "^9.34.0",
     "@types/bun": "1.2.21",
     "eslint": "^9.34.0",
     "prettier": "^3.6.2",
     "tsc-alias": "^1.8.16",
-    "typescript-eslint": "^8.41.0"
+    "typescript-eslint": "^8.41.0",
+    "typescript": "^5.9.2"
   },
   "peerDependencies": {
     "typescript": "^5.9.2"
   },

🏁 Script executed:

#!/bin/bash
# Validate tsc availability and version resolution used by the build.
jq -r '.devDependencies.typescript, .peerDependencies.typescript' package.json
bun x tsc -v || echo "TypeScript not installed in dev deps"

Length of output: 284

Add TypeScript to devDependencies to prevent build failures

Your verification script confirms that TypeScript is only listed as a peerDependency (shown as ^5.9.2) and is absent from devDependencies (null), so the build step (bun run buildtsc) will fail in CI without installing TypeScript first.

• File: package.json
– Under "devDependencies", add "typescript": "^5.9.2"

Proposed diff:

   "devDependencies": {
     "@eslint/js": "^9.34.0",
     "@types/bun": "1.2.21",
     "eslint": "^9.34.0",
     "prettier": "^3.6.2",
     "tsc-alias": "^1.8.16",
-    "typescript-eslint": "^8.41.0"
+    "typescript-eslint": "^8.41.0",
+    "typescript": "^5.9.2"
   },
   "peerDependencies": {
     "typescript": "^5.9.2"
   },

This ensures tsc is available during your prepublishOnly build without affecting consumers (who still benefit from the peerDependency version constraint).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"typescript": "^5.9.2"
"devDependencies": {
"@eslint/js": "^9.34.0",
"@types/bun": "1.2.21",
"eslint": "^9.34.0",
"prettier": "^3.6.2",
"tsc-alias": "^1.8.16",
"typescript-eslint": "^8.41.0",
"typescript": "^5.9.2"
},
"peerDependencies": {
"typescript": "^5.9.2"
},
🤖 Prompt for AI Agents 
In package.json around line 51, add "typescript": "^5.9.2" to the
"devDependencies" section so that tsc is available during CI/local builds; keep
the existing peerDependency entry unchanged and ensure package.json remains
valid JSON (comma placement and quoting) after inserting the new devDependency.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@DaxServer