Skip to content

⬆️ actions(deps): bump actions/upload-pages-artifact from 3 to 4#4

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions/upload-pages-artifact-4
Open

⬆️ actions(deps): bump actions/upload-pages-artifact from 3 to 4#4
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions/upload-pages-artifact-4

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Sep 15, 2025
edited
Loading

Bumps actions/upload-pages-artifact from 3 to 4.

Release notes

Sourced from actions/upload-pages-artifact's releases.

v4.0.0

What's Changed

Full Changelog: actions/upload-pages-artifact@v3.0.1...v4.0.0

v3.0.1

Changelog

See details of all code changes since previous release.

Commits
  • 7b1f4a7 Merge pull request #127 from heavymachinery/pin-sha
  • 4cc19c7 Pin actions/upload-artifact to SHA
  • 2d163be Merge pull request #107 from KittyChiu/main
  • c704843 fix: linted README
  • 9605915 Merge pull request #106 from KittyChiu/kittychiu/update-readme-1
  • e59cdfe Update README.md
  • a2d6704 doc: updated usage section in readme
  • 984864e Merge pull request #105 from actions/Jcambass-patch-1
  • 45dc788 Add workflow file for publishing releases to immutable action package
  • efaad07 Merge pull request #102 from actions/hidden-files
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
⬆️ actions(deps): bump actions/upload-pages-artifact from 3 to 4
d264191 
Bumps [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-pages-artifact/releases)
- [Commits](actions/upload-pages-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-pages-artifact
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Sep 15, 2025

Assignees

The following users could not be added as assignees: reasoning-library/maintainers. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 15, 2025
democratize-technology-code-reviewer
democratize-technology-code-reviewer requested changes Sep 16, 2025
View reviewed changes
Copy link
Copy Markdown

@democratize-technology-code-reviewer democratize-technology-code-reviewer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review: actions/upload-pages-artifact v3 → v4

Summary

Dependabot update for actions/upload-pages-artifact from v3 to v4. Only affects the documentation deployment workflow.

Key Changes in v4:

  • ⚠️ Potentially Breaking: Hidden files (dotfiles) are NO LONGER included in artifacts by default
  • Pin actions/upload-artifact to SHA for security

Current Usage Analysis:

uses: actions/upload-pages-artifact@v4
with:
  path: docs/

Impact Assessment:

The workflow uploads from docs/ directory. Need to verify if there are any dotfiles in the documentation that need to be deployed (e.g., .nojekyll, .gitkeep, etc.).

Common Dotfiles in Documentation:

  • .nojekyll - Prevents Jekyll processing on GitHub Pages
  • .buildinfo - Sphinx build information
  • .doctrees - Sphinx doctree cache

Risk Assessment: MEDIUM ⚠️

If your documentation includes dotfiles that need to be deployed (like .nojekyll for Sphinx docs), this update will break the deployment.

Verdict: REQUEST CHANGES

Action Required:

Please verify if the docs/ directory contains any dotfiles that need to be deployed:

find docs/ -name ".*" -type f

If dotfiles exist and are needed:

  1. Option A: Stay on v3 until you can restructure
  2. Option B: Create your own artifact following the requirements
  3. Option C: Use a build step to rename necessary dotfiles before upload

Most likely: If using Sphinx or similar tools, you probably have .nojekyll or .buildinfo files that WILL break with this update.

Please confirm whether dotfiles are present in your docs before merging.

.github/workflows/docs.yml

- name: Upload to GitHub Pages
uses: actions/upload-pages-artifact@v3
uses: actions/upload-pages-artifact@v4
Copy link
Copy Markdown

@democratize-technology-code-reviewer democratize-technology-code-reviewer Sep 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Critical Change: Version 4 no longer includes hidden files (dotfiles) in the artifact.

Before merging, please check if your docs/ directory contains essential dotfiles:

find docs/ -name ".*" -type f

Common documentation dotfiles that would break:

  • .nojekyll (prevents Jekyll processing)
  • .buildinfo (Sphinx metadata)
  • .doctrees (Sphinx cache)

If you have critical dotfiles, this update will break your documentation deployment!

democratize-technology-code-developer pushed a commit that referenced this pull request Nov 12, 2025
@claude
feat: Extract and document magic numbers into comprehensive constants…
e5f9bee 
… module

Implement Task #4: Extract and document magic numbers to improve code maintainability
and eliminate hardcoded values throughout the codebase.

## Changes Made

### New Constants Module
- Created comprehensive `src/reasoning_library/constants.py` with 200+ well-documented constants
- Organized constants by functional area:
  - Security and performance thresholds
  - Confidence calculation parameters
  - Pattern detection tolerances
  - Text processing limits
  - Statistical calculation factors
  - Cache and registry management
  - Hypothesis generation parameters

### Module Updates
- Updated `inductive.py` to use 50+ new constants (sequence limits, confidence values, tolerances)
- Updated `abductive.py` to use 30+ new constants (input validation, confidence calculations, text limits)
- Updated `core.py` to use 20+ new constants (security limits, cache management, text processing)
- Updated `chain_of_thought.py` to use 4 new constants (conversation limits, confidence defaults)

### Key Benefits
- **Documentation**: Every magic number now has clear documentation explaining its purpose and rationale
- **Maintainability**: Values can be adjusted in one location without searching the codebase
- **Consistency**: Related constants use consistent naming and organization
- **Security**: Security thresholds are clearly documented and centrally managed
- **Performance**: Performance tuning parameters are easily accessible for optimization

### Backward Compatibility
- All existing functionality preserved with identical constant values
- No breaking changes to public APIs
- Existing code continues to work without modification
- Test suite validates backward compatibility

### Testing
- Created comprehensive test suite with 27 test methods covering all constant categories
- Tests verify constant types, ranges, relationships, and expected values
- Validates documentation quality and backward compatibility

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@democratize-technology-code-reviewer democratize-technology-code-reviewer democratize-technology-code-reviewer requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@democratize-technology-code-reviewer