Skip to content

[codex] Consolidate Dependabot dependency updates#360

Merged
michaelmwu merged 1 commit into
mainfrom
codex/consolidate-dependabot-updates
Jul 2, 2026
Merged

[codex] Consolidate Dependabot dependency updates#360
michaelmwu merged 1 commit into
mainfrom
codex/consolidate-dependabot-updates

Conversation

@michaelmwu

@michaelmwu michaelmwu commented Jul 2, 2026

Copy link
Copy Markdown
Member

Summary

Consolidates the open Dependabot dependency PRs into one branch:

Also regenerates uv.lock and apps/admin_dashboard/bun.lock, then rebuilds the committed dashboard static assets for the Vite/Tailwind changes.

Validation

  • ./scripts/test.sh
  • ./scripts/lint.sh
  • ./scripts/pyrefly.sh
  • bun run build in apps/admin_dashboard

Note: Biome 2.5 emits informational config migration notices for the existing biome.json schema/recommended fields, but lint exits successfully.

Summary by CodeRabbit

  • New Features

    • Updated the admin dashboard’s bundled assets, including refreshed JavaScript and stylesheet references.
  • Chores

    • Upgraded several project dependencies across the API, worker, shared packages, and dashboard tooling.
    • Bumped development tooling and test support packages for more up-to-date builds and workflows.

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 4111f301-6a8e-4c91-aa1e-594052d05f41

📥 Commits

Reviewing files that changed from the base of the PR and between 039564f and 7aef67c.

⛔ Files ignored due to path filters (2)
  • apps/admin_dashboard/bun.lock is excluded by !**/*.lock
  • uv.lock is excluded by !**/*.lock
📒 Files selected for processing (11)
  • apps/admin_dashboard/package.json
  • apps/api/pyproject.toml
  • apps/api/src/five08/backend/static/dashboard/.vite/manifest.json
  • apps/api/src/five08/backend/static/dashboard/assets/index-DJVNsvDL.js
  • apps/api/src/five08/backend/static/dashboard/assets/index-DOvcAaPR.css
  • apps/api/src/five08/backend/static/dashboard/assets/index-O0VUJuOk.css
  • apps/api/src/five08/backend/static/dashboard/index.html
  • apps/discord_bot/pyproject.toml
  • apps/worker/pyproject.toml
  • packages/shared/pyproject.toml
  • pyproject.toml
💤 Files with no reviewable changes (1)
  • apps/api/src/five08/backend/static/dashboard/assets/index-DOvcAaPR.css

📝 Walkthrough

Walkthrough

This PR bumps dependency version constraints across Python packages (fastapi, psycopg, pydantic, requests, pytest-asyncio) and JS tooling (tailwindcss, biome, shadcn, vite) in multiple manifests, and regenerates the admin dashboard's built static assets (manifest, CSS bundle, HTML) to reflect the new Tailwind build.

Changes

Dependency version bumps

Layer / File(s) Summary
Python package dependency bumps
apps/api/pyproject.toml, apps/discord_bot/pyproject.toml, apps/worker/pyproject.toml, packages/shared/pyproject.toml, pyproject.toml
Version constraints bumped for fastapi, psycopg[binary], pydantic, requests, and pytest-asyncio.
JS dependency bumps and rebuilt dashboard assets
apps/admin_dashboard/package.json, apps/api/src/five08/backend/static/dashboard/.vite/manifest.json, apps/api/src/five08/backend/static/dashboard/assets/index-DOvcAaPR.css, apps/api/src/five08/backend/static/dashboard/assets/index-O0VUJuOk.css, apps/api/src/five08/backend/static/dashboard/index.html
Tailwind/vite/biome/shadcn versions bumped; the old CSS asset is removed and replaced with a newly hashed, regenerated Tailwind CSS bundle, and the manifest and HTML are updated to reference the new hashed asset names.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related PRs

  • 508-dev/508-workflows#283: Prior PR that produced the same admin dashboard build pipeline and static asset outputs now being regenerated with new hashed filenames.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: combining multiple Dependabot dependency updates into one PR.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/consolidate-dependabot-updates

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@michaelmwu michaelmwu marked this pull request as ready for review July 2, 2026 14:29
Copilot AI review requested due to automatic review settings July 2, 2026 14:29

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Consolidates multiple Dependabot dependency updates across the Python services and the admin dashboard, and updates the committed dashboard build artifacts served by the API.

Changes:

  • Bumps Python dependencies across the workspace (FastAPI, Pydantic, psycopg, requests, pytest-asyncio).
  • Updates admin dashboard toolchain dependencies (Vite, Tailwind, @tailwindcss/vite, Biome, shadcn) and regenerates bun.lock.
  • Rebuilds and commits the dashboard static assets (updated hashed asset filenames, Vite manifest, and Tailwind output CSS).

Reviewed changes

Copilot reviewed 9 out of 13 changed files in this pull request and generated no comments.

Show a summary per file
File Description
pyproject.toml Updates dev dependency pytest-asyncio to ~=1.4.0.
packages/shared/pyproject.toml Bumps shared runtime deps (pydantic, psycopg[binary], requests) to newer versions.
apps/worker/pyproject.toml Aligns worker runtime deps (pydantic, psycopg[binary], requests) with shared updates.
apps/discord_bot/pyproject.toml Aligns bot runtime deps (pydantic, requests) with shared updates.
apps/api/pyproject.toml Updates API deps (fastapi, psycopg[binary], pydantic) and keeps workspace sources intact.
apps/admin_dashboard/package.json Bumps dashboard dependencies/devDependencies (Vite, Tailwind, Biome, shadcn, @tailwindcss/vite).
apps/admin_dashboard/bun.lock Regenerates Bun lockfile for updated dashboard dependencies.
apps/api/src/five08/backend/static/dashboard/index.html Updates dashboard asset references to new hashed JS/CSS outputs.
apps/api/src/five08/backend/static/dashboard/.vite/manifest.json Updates Vite manifest to point at new hashed build outputs.
apps/api/src/five08/backend/static/dashboard/assets/index-O0VUJuOk.css Adds newly built Tailwind CSS output (v4.3.1).
apps/api/src/five08/backend/static/dashboard/assets/index-DOvcAaPR.css Removes old Tailwind CSS output (v4.3.0).
Files not reviewed (1)
  • apps/api/src/five08/backend/static/dashboard/assets/index-O0VUJuOk.css: Generated file

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@michaelmwu michaelmwu added this pull request to the merge queue Jul 2, 2026
Merged via the queue into main with commit 6bbaad1 Jul 2, 2026
11 of 12 checks passed
@michaelmwu michaelmwu deleted the codex/consolidate-dependabot-updates branch July 2, 2026 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants