Conversation
Add UI auto-mute with click SFX and expand audio integrity tests
Bumps [firebelley/godot-export](https://github.com/firebelley/godot-export) from 7.0.0 to 8.0.0. - [Release notes](https://github.com/firebelley/godot-export/releases) - [Commits](firebelley/godot-export@9305776...615a6f7) --- updated-dependencies: - dependency-name: firebelley/godot-export dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Merge from master
…lley/godot-export-8.0.0 Bump firebelley/godot-export from 7.0.0 to 8.0.0
Update Godot export action pin and configure Codecov token
Add two milestone documentation files for milestone 19: - PART_3: Update Godot export action pin and configure Codecov token — documents CI changes to bump the pinned firebelley/godot-export action across workflows and configure CODECOV_TOKEN for authenticated coverage uploads (`files/docs/milestones/19/PART_3_Update_Godot_export_action_pin_and_configure_Codecov_token.md`). - PART_4: Gameplay settings audio interaction & asset tracking architecture — records focus-gated audio design, interaction pipelines (audible vs silent), explicit runtime dependency mapping for slider.wav, and asset-pruning safeguards to prevent accidental removal (`files/docs/milestones/19/PART_4_gameplay_settings_audio_interaction_and_asset_tracking.md`). These docs capture CI maintenance rationale and detailed runtime/asset protection guidance for future contributors.
…ction_and_asset_tracking.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…ction_and_asset_tracking.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…_and_configure_Codecov_token.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…tps://github.com/ikostan/SkyLockAssault into audio-feedback-for-difficulty-slider-interaction
Make audio-focused GUT tests robust for headless/CI runs by adding a defensive AudioManager fallback and clarifying test intent. Changes include: add copyright/header and doc comments to test file; introduce _audio_manager variable and resolve calls to use it instead of the global Autoload; defensively locate or instantiate DummyAudioManager to avoid null references; update helper routines (_clear_pool_players, _is_sound_playing) to use the fallback; fix JS interaction call signature; add DummyAudioManager stub class; and small formatting tweaks to the milestone doc. These changes reduce null-pointer failures and make tests deterministic in environments without the AudioManager Autoload.
Add public helpers to audio_manager: is_any_sfx_playing(), get_active_sfx_playback_count(), and stop_all_sfx() to encapsulate pool queries and teardown (stop + clear stream). Update tests to use the public API instead of reaching into _sfx_pool: _clear_pool_players now calls stop_all_sfx(), _is_sound_playing() uses is_any_sfx_playing(), and playback-count assertions use get_active_sfx_playback_count(). Also update DummyAudioManager to provide matching stubs for the new interfaces. This reduces test coupling to internal implementation and centralizes SFX pool behavior.
…_and_configure_Codecov_token.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…ction_and_asset_tracking.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…ction_and_asset_tracking.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
…tps://github.com/ikostan/SkyLockAssault into audio-feedback-for-difficulty-slider-interaction
…ider-interaction Audio feedback for difficulty slider interaction
We want to fully adopt the all-contributors specification to visibly recognize all types of contributions — including code, audio assets, documentation, infrastructure, reviews, and automated bots/AI tools.
…he-project Properly Configure all-contributors for the Project
Update the CHECKSUM_URL in .github/workflows/deploy_to_itch.yml to point to the release asset SHA256SUMS.txt instead of the non-existing Godot_v4.6.3-stable_SHA256SUMS.txt. This fixes checksum download failures by matching the actual filename in the Godot release assets.
Add GODOT_VERSION env var and replace hardcoded 4.6.3-stable strings with references to ${{ env.GODOT_VERSION }}. Update release URLs, downloaded filenames, checksum URL, and the godot-export action inputs to use the env variable so the Godot version can be changed in one place.
…ith-404-on-godot-checksum-download Cicd deployment workflow fails with 404 on godot checksum download
Update the 'Download and Verify Godot Binaries' step to derive a TUX_VERSION and download checksum manifests from the TuxFamily mirror instead of GitHub. If SHA256SUMS.txt is missing, fall back to SHA512-SUMS.txt and verify using sha512sum; otherwise verify with sha256sum. Keep downloading Godot executable and export templates from GitHub and preserve the local HTTP server start/wait logic with improved logging and error handling.
Introduce .github/scripts/verify_godot.sh to download Godot release assets, validate URLs, fetch checksum manifests (SHA-256 with SHA-512 fallback) from the TuxFamily mirror, and verify artifact integrity. Update deploy_to_itch.yml to accept a godot_version input, call the new verification script, start a local HTTP server, and pass the input-based asset URLs to the export action (replacing duplicated download/verify logic). Set a default godot_version for browser test workflow calls in lint_test_deploy.yml and lint_test_on_pull.yml. Add a godot_version input and a test step that runs the verifier in test_ci_scripts.yml. These changes centralize verification, remove duplicated logic, and make the pipelines configurable and more maintainable.
The verify_godot.sh script always reuses the godot_binaries directory without cleanup; consider removing or cleaning this directory at the start of the script to avoid stale artifacts affecting subsequent runs.
Using the --ignore-missing flag creates a dangerous false-positive vulnerability. Here is why: sha256sum --check --ignore-missing tells the OS: "Only verify files that you can actually find listed inside this manifest file; if a file isn't listed, just skip it without failing." If the mirror infrastructure ever serves an empty, corrupted, or truncated SHA256SUMS.txt file that completely lacks entries for your specific version, the check will find zero matches, report zero failures, and pass with a successful exit code 0. Your workflow would then blindly run unverified binaries. The Fix: CodeRabbit's strategy is excellent. We should explicitly extract only our target filenames from the official manifest using grep, count the extracted entries to ensure both binaries are strictly present, and then run a standard, strict sha256sum --check with no bypass flags allowed.
Refactor verify_godot.sh to make manifest retrieval and checksum validation more robust. Binaries are fetched from GitHub and the script now attempts to download SHA256SUMS first, falling back to SHA512 and a SourceForge mirror if needed; it isolates only the target entries into a local manifest and enforces that both assets are present. Added clearer status messages, manifest/download flags, and stricter fatal errors when manifests or signatures are missing.
suggestion: Avoid redundant godot_version defaults and potential version source-of-truth drift godot_version is both required: true and has a default, which is redundant in GitHub Actions and may confuse callers. In addition, verify_godot.sh defines its own default (4.6.3-stable). To avoid version drift, either remove the workflow default and require an explicit input, or remove the script’s internal default and always pass the version from the workflow, so there’s a single source of truth.
…ls-with-404-on-godot-checksum-download Bug cicd deployment workflow fails with 404 on godot checksum download
Set godot_version to "4.6.3-stable" for the deploy_to_itch step in .github/workflows/lint_test_deploy.yml so the itch deployment uses the specified Godot runtime (ensures consistent build/runtime environment).
…t-godot_version-is-required-but-not-provided Add Godot version to itch deploy
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
1 similar comment
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
Reviewer's GuideUpgrades the project from Godot 4.5 to 4.6.3 and hardens the audio/UI/test infrastructure: refactors AudioManager SFX pooling and adds test-only helpers, gates gameplay difficulty/audio menu sounds behind focus/interaction checks, introduces new GUT suites for audio-related UIs, works around encrypted ConfigFile engine bugs, and centralizes Godot binary download + checksum verification across Docker and GitHub Actions workflows. Sequence diagram for focus-gated gameplay difficulty slider audiosequenceDiagram
actor User
participant DifficultyHSlider
participant GameplaySettingsMenu
participant AudioManager
rect rgb(230,230,230)
User->>DifficultyHSlider: drag/change value
DifficultyHSlider->>GameplaySettingsMenu: _on_difficulty_value_changed(value)
GameplaySettingsMenu->>GameplaySettingsMenu: compute slider_has_focus = difficulty_slider.has_focus()
GameplaySettingsMenu->>GameplaySettingsMenu: should_play_audio = slider_has_focus
alt [should_play_audio]
GameplaySettingsMenu->>GameplaySettingsMenu: _play_slider_sfx()
GameplaySettingsMenu->>AudioManager: play_sfx("slider")
else [not should_play_audio]
GameplaySettingsMenu-->>AudioManager: (no call)
end
end
rect rgb(230,245,255)
User->>GameplaySettingsMenu: click gameplay_reset_button
GameplaySettingsMenu->>GameplaySettingsMenu: _on_gameplay_reset_button_pressed()
GameplaySettingsMenu->>GameplaySettingsMenu: _on_difficulty_value_changed(_default_difficulty, true)
GameplaySettingsMenu->>GameplaySettingsMenu: should_play_audio = true
GameplaySettingsMenu->>GameplaySettingsMenu: _play_slider_sfx()
GameplaySettingsMenu->>AudioManager: play_sfx("slider")
end
rect rgb(240,230,255)
User->>GameplaySettingsMenu: JS bridge event
GameplaySettingsMenu->>GameplaySettingsMenu: _on_change_difficulty_js(args)
GameplaySettingsMenu->>GameplaySettingsMenu: validate value
GameplaySettingsMenu->>GameplaySettingsMenu: _on_difficulty_value_changed(value, true)
GameplaySettingsMenu->>GameplaySettingsMenu: should_play_audio = true
GameplaySettingsMenu->>GameplaySettingsMenu: _play_slider_sfx()
GameplaySettingsMenu->>AudioManager: play_sfx("slider")
end
rect rgb(255,240,230)
User->>GameplaySettingsMenu: open menu / programmatic sync
GameplaySettingsMenu->>GameplaySettingsMenu: _on_difficulty_value_changed(value)
GameplaySettingsMenu->>GameplaySettingsMenu: slider_has_focus = false
GameplaySettingsMenu->>GameplaySettingsMenu: should_play_audio = false
GameplaySettingsMenu-->>AudioManager: (no play_sfx call)
end
File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
|
Overall Grade |
Security Reliability Complexity Hygiene |
Code Review Summary
| Analyzer | Status | Updated (UTC) | Details |
|---|---|---|---|
| Python | Jun 18, 2026 7:16p.m. | Review ↗ | |
| JavaScript | Jun 18, 2026 7:16p.m. | Review ↗ |
Important
AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.
There was a problem hiding this comment.
Hey - I've found 1 issue
Prompt for AI Agents
Please address the comments from this code review:
## Individual Comments
### Comment 1
<location path="files/docs/milestones/19/PART_4_gameplay_settings_audio_interaction_and_asset_tracking.md" line_range="156" />
<code_context>
+By adding
</code_context>
<issue_to_address>
**nitpick (typo):** Improve grammar by adding an article before "parameter".
Consider changing the phrase to "By adding an `is_interactive: bool = false` parameter" for more natural grammar.
</issue_to_address>Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
name: Default Pull Request Template
about: Suggesting changes to SkyLockAssault
title: ''
labels: ''
assignees: ''
Description
What does this PR do? (e.g., "Fixes player jump physics in level 2" or "Adds
new enemy AI script")
Related Issue
Closes #ISSUE_NUMBER (if applicable)
Changes
system")
Testing
works on Win10 with 60 FPS")
Checklist
Additional Notes
Anything else? (e.g., "Tested on Win10 64-bit; needs Linux validation")
Summary by Sourcery
Upgrade the project to Godot 4.6.3 while hardening audio interaction logic, expanding automated UI/audio tests, and enhancing CI/CD asset verification and tooling.
New Features:
Bug Fixes:
Enhancements:
Build:
CI:
Documentation:
Tests: