✨ add bump-nuget script for simplified package version updates#9
✨ add bump-nuget script for simplified package version updates#9gimlichael merged 1 commit intomainfrom
Conversation
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Adds a GitHub utility script to automate “service update” dependency bumps by updating centrally-managed NuGet versions in Directory.Packages.props based on a triggering repo + version.
Changes:
- Introduces
.github/scripts/bump-nuget.pyto bump only packages associated with the triggering source repository. - Implements a prefix-based package allowlist (
SOURCE_PACKAGE_MAP) and updates matching<PackageVersion ... Version="...">entries via regex.
| changes = [] | ||
| skipped_third_party = [] | ||
|
|
There was a problem hiding this comment.
skipped_third_party is a misleading name: the list contains all non-trigger packages, including other first-party Codebelt packages (eg, Codebelt.Bootstrapper.Console) when TRIGGER_SOURCE is cuemon. Consider renaming it to something like skipped_non_trigger (or splitting first-party vs third-party) so the log output matches reality.
| with open("Directory.Packages.props", "w") as f: | ||
| f.write(new_content) | ||
|
|
||
| return 0 if changes else 0 # Return 0 even if no changes (not an error) |
There was a problem hiding this comment.
return 0 if changes else 0 is equivalent to return 0 and makes the control flow harder to read. Consider simplifying it to a plain return 0 (and, if needed later, return non-zero for true error conditions only).
| return 0 if changes else 0 # Return 0 even if no changes (not an error) | |
| return 0 # Return 0 even if no changes (not an error) |
| if skipped_third_party: | ||
| print() | ||
| print(f"Skipped {len(skipped_third_party)} third-party package(s):") | ||
| print("\n".join(skipped_third_party[:5])) # Show first 5 |
There was a problem hiding this comment.
The message "Skipped ... third-party package(s)" is inaccurate because the skip list includes any package that isn't from the triggering source, not only third-party packages. Consider adjusting the wording (or separately counting true third-party vs other first-party) to prevent confusing workflow logs.
| if not TRIGGER_SOURCE: | ||
| return False | ||
| prefixes = SOURCE_PACKAGE_MAP.get(TRIGGER_SOURCE, []) | ||
| return any(package_name.startswith(prefix) for prefix in prefixes) |
There was a problem hiding this comment.
If TRIGGER_SOURCE is unknown (not in SOURCE_PACKAGE_MAP) or maps to an empty prefix list, prefixes becomes empty and is_triggered_package will always return false. That makes the script silently skip every PackageVersion and still exit 0; consider normalizing TRIGGER_SOURCE and emitting a clear warning or failing fast when the source is unrecognized to avoid “successful” service updates that didn't bump anything.
1 participant
No description provided.