Source hash #11
Source hash #11
Conversation
WalkthroughUpdates across templates, CI, tooling, and config: version bumps for many tools/actions/hooks, new copier and template config keys (python_version, async/vcrpy toggles), dependency spec format changes, stricter shell error handling, updated exclusion patterns, added ty configuration, and minor test-data whitespace edits. Changes
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes
Possibly related PRs
Pre-merge checks❌ Failed checks (1 warning, 1 inconclusive)
✅ Passed checks (1 passed)
📜 Recent review detailsConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro 📒 Files selected for processing (1)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
🔇 Additional comments (3)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
♻️ Duplicate comments (3)
template/.github/actions/install_deps/action.yml (1)
61-61: Verify the GitHub Actions versions exist and check for security advisories.Ensure that the following action versions are valid, secure, and free from vulnerabilities:
actions/[email protected]actions/[email protected]aws-actions/[email protected]Note: This is identical to the change in
.github/actions/install_deps/action.yml. The verification script from that file's review can be used to verify these versions as well.Also applies to: 67-67, 78-78
.github/actions/update-devcontainer-hash/action.yml (1)
30-30: Verify the GitHub Actions version exists and check for security advisories.Ensure that
actions/[email protected]is a valid, secure version with no known vulnerabilities.Note: This is the same version bump as in
template/.github/workflows/get-values.yaml. The verification script from that file's review can be used to verify this version as well.template/.github/workflows/pulumi-aws.yml (1)
111-111: Verify the GitHub Actions version exists and check for security advisories.Ensure that
actions/[email protected]is a valid, secure version with no known vulnerabilities.Note: This is the same version bump as in
template/.github/workflows/get-values.yamland.github/actions/update-devcontainer-hash/action.yml. The verification script from those files' reviews can be used to verify this version as well.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (1)
uv.lockis excluded by!**/*.lock
📒 Files selected for processing (34)
.copier-answers.yml(2 hunks).devcontainer/devcontainer.json(2 hunks).devcontainer/install-ci-tooling.py(2 hunks).devcontainer/windows-host-helper.sh(1 hunks).github/actions/install_deps/action.yml(2 hunks).github/actions/update-devcontainer-hash/action.yml(1 hunks).github/reusable_workflows/build-docker-image.yaml(1 hunks).github/workflows/ci.yaml(7 hunks).github/workflows/get-values.yaml(1 hunks).github/workflows/pre-commit.yaml(3 hunks).github/workflows/tag-on-merge.yaml(1 hunks).pre-commit-config.yaml(6 hunks)copier.yml(1 hunks)extensions/context.py(4 hunks)pyproject.toml(1 hunks)pyrightconfig.json(1 hunks)template/.devcontainer/devcontainer.json.jinja(1 hunks)template/.devcontainer/install-ci-tooling.py.jinja(1 hunks)template/.devcontainer/windows-host-helper.sh(1 hunks)template/.github/actions/install_deps/action.yml(2 hunks)template/.github/actions/pulumi_ephemeral_deploy/action.yml(1 hunks)template/.github/actions/update-devcontainer-hash/action.yml(1 hunks)template/.github/workflows/get-values.yaml(1 hunks)template/.github/workflows/pre-commit.yaml(3 hunks)template/.github/workflows/pulumi-aws.yml(1 hunks)template/.pre-commit-config.yaml(7 hunks)template/infrastructure/pyproject.toml.jinja(1 hunks)template/infrastructure/src/infrastructure/program.py(1 hunks)template/pyrightconfig.json(1 hunks)template/ty.toml(1 hunks)template/{% if has_backend %}graphql_lambda{% endif %}/pyproject.toml.jinja(1 hunks)tests/copier_data/data1.yaml(1 hunks)tests/copier_data/data2.yaml(1 hunks)ty.toml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.9)
.github/workflows/pre-commit.yaml
72-72: shellcheck reported issue in this script: SC2086:info:6:8: Double quote to prevent globbing and word splitting
(shellcheck)
🪛 YAMLlint (1.37.1)
tests/copier_data/data1.yaml
[error] 11-11: too many blank lines (4 > 2)
(empty-lines)
tests/copier_data/data2.yaml
[error] 11-11: too many blank lines (4 > 2)
(empty-lines)
copier.yml
[error] 37-37: too many blank lines (4 > 2)
(empty-lines)
🔇 Additional comments (45)
.devcontainer/windows-host-helper.sh (1)
10-10: LGTM! Enhanced error handling.The addition of
-u(nounset) and-o pipefailflags strengthens the script's error handling by catching unset variable references and propagating failures within pipelines..devcontainer/devcontainer.json (2)
61-61: LGTM! Automated hash update.The hash update is managed by the pre-commit hook as indicated in the comment, ensuring consistency.
19-19: Verify the CodeRabbit VSCode extension version 0.16.1 availability.The CodeRabbit VSCode extension exists and is publicly available on the Visual Studio Code marketplace. However, specific version information cannot be confirmed through standard sources. Before committing, verify this version is available by checking the extension's version history on the marketplace or using the VSCode extension installation UI.
template/.devcontainer/windows-host-helper.sh (1)
10-10: LGTM! Enhanced error handling.The addition of
-u(nounset) and-o pipefailflags strengthens the script's error handling, matching the improvement made to the non-template version.template/.devcontainer/devcontainer.json.jinja (1)
31-31: LGTM! Template version updated to match.The CodeRabbit VSCode extension version has been updated in the template to match the non-template version, ensuring consistency. The version verification performed for
.devcontainer/devcontainer.jsonapplies here as well.extensions/context.py (5)
13-14: LGTM: Build tool versions updated.The uv and pnpm version updates are straightforward and maintain exact version specifications for build reproducibility.
51-83: Correct npm package version in GraphQL tools mock.The review references
graphql_tools_mock_versionas 9.1.0, but the latest available version is 9.0.25. Update the context to use the correct version. Node.js 24.11.1, Playwright 1.57.0, and @types/node 25.0.0 are all valid releases.
85-110: Container image and GitHub Actions versions are available and stable.The specified versions exist in their respective registries: actions/checkout v6.0.1, Alpine 3.23, and Nginx 1.29.4 are all confirmed as stable, non-prerelease versions. No breaking changes have been reported for these recent releases that would affect existing workflows.
47-49: Verify whether these testing dependencies are intended for generated projects or should be removed.Three testing-related packages have been added with version constraints, but they are not currently used in the codebase. Since this file is a copier template extension, these version definitions may be intended for projects generated from this template rather than for the template itself.
Please clarify:
- Are these packages meant to be included in generated projects' dependency specifications?
- If so, confirm they are referenced in template files used during project generation.
- If not, consider removing them to avoid maintaining unused version constraints.
1-121: This file contains only version updates unrelated to the stated PR objective.The PR description mentions "improve hashing of app webpage files to reduce false-positive diffs," but
extensions/context.pyonly defines dependency versions for the copier template. While the file is correctly structured as a ContextHook, the actual hashing improvements referenced in the PR exist intemplate/infrastructure/src/infrastructure/program.py(not shown in this review).Clarify whether:
- These version updates are prerequisites for the hashing changes in other files
- This PR bundles unrelated upstream template maintenance with the hashing feature
- All necessary hashing-related changes are included across the PR
.copier-answers.yml (1)
2-2: LGTM!The commit version bump to v0.0.91 and the addition of the new template configuration keys (
template_might_want_to_use_python_asyncio,template_might_want_to_use_vcrpy) align with the stated upstream copier template changes.Also applies to: 16-17
copier.yml (1)
38-41: LGTM!The new
python_versionconfiguration entry follows the established pattern, with appropriate type, help text, and a sensible default that matches the value in.copier-answers.yml.template/.github/actions/pulumi_ephemeral_deploy/action.yml (1)
70-74: LGTM!The patch version bump of
aws-actions/configure-aws-credentialsfrom v5.1.0 to v5.1.1 is a low-risk update that aligns with the broader action version hygiene effort in this PR..github/workflows/get-values.yaml (1)
37-40: The upgrade toactions/checkout@v6is safe and requires no workflow changes.The primary change improves credential security by storing credentials in a separate file under $RUNNER_TEMP instead of directly in .git/config. No workflow changes are required — git fetch, git push, etc. continue to work automatically. The usage with
persist-credentials: falseremains compatible. This requires a minimum Actions Runner version of v2.327.1, which GitHub-hosted runners already support.pyrightconfig.json (1)
15-15: LGTM! Improved exclusion patterns.The changes standardize the GraphQL generated code path pattern and add appropriate exclusions for copier template resources. These updates align with the broader configuration hygiene improvements in this PR.
Also applies to: 19-19
template/ty.toml (1)
1-18: LGTM! Well-structured exclusion configuration.The new
ty.tomlconfiguration file properly excludes generated code, caches, virtual environments, and template resources. The exclusion patterns are consistent withpyrightconfig.json, ensuring uniform handling across different tools.template/.github/workflows/get-values.yaml (1)
38-38: actions/[email protected] is valid and secure.This version was released 3 weeks ago and is marked as Latest on GitHub Marketplace. GitHub-owned Actions like this are recommended, and no known security vulnerabilities were found for this specific version or action.
.github/actions/install_deps/action.yml (1)
61-61: All GitHub Actions versions are valid and current.The following action versions are confirmed to exist, are legitimate releases, and are free from known security vulnerabilities:
- actions/[email protected] (Latest)
- actions/[email protected] (Latest)
- aws-actions/[email protected] (released November 24, 2025)
All versions are from official GitHub repositories with verified signatures and contain recent dependency updates. No further action is required.
.github/workflows/tag-on-merge.yaml (1)
17-21: LGTM!Consistent checkout action version bump while preserving all existing options (ref, fetch-depth, persist-credentials).
.github/reusable_workflows/build-docker-image.yaml (2)
69-71: LGTM!Checkout action version bump consistent with other workflow files.
75-78: LGTM!Minor patch version bump for AWS credentials action (v5.1.0 → v5.1.1).
template/pyrightconfig.json (1)
13-17: LGTM!Good updates to exclusion patterns:
- Renamed GraphQL generated path from
graphql_codegentogenerated/graphql(aligns with broader PR changes).- Added
**/venvto complement existing**/.venvexclusion.- Added
**/copier_template_resourcesfor template resource handling.template/.github/workflows/pre-commit.yaml (3)
36-45: LGTM!Consistent checkout action version bumps for both push and non-push event paths.
62-62: LGTM!Cache action version bump (v4.2.4 → v4.3.0).
72-79: Improved error handling for pre-commit failures.The enhanced script now captures the exit code and displays
git diffon failure, which aids debugging by showing what pre-commit hooks modified. The-ntest correctly handles both success (variable unset) and failure (variable set) cases.ty.toml (1)
1-20: LGTM! Well-structured ty.toml configuration.The exclusion patterns are:
- Consistent with
pyrightconfig.jsonexclusions.- Well-documented with comments explaining rationale (especially the template exclusion).
- Appropriately scoped for a copier template repository.
template/.github/actions/update-devcontainer-hash/action.yml (1)
30-34: LGTM! Version bump to actions/[email protected].The update maintains all existing configuration (persist-credentials, fetch-depth, ref input).
template/.devcontainer/install-ci-tooling.py.jinja (1)
79-81: LGTM - Consistent version specification format.The change to include the
==operator in the version constants rather than in the f-string maintains functional equivalence while improving consistency with line 91'sPRE_COMMIT_VERSIONpattern..devcontainer/install-ci-tooling.py (2)
79-81: LGTM - Consistent with template changes.The version specification format matches the template file and maintains functional correctness.
10-13: Verify updated tool versions; note potential issues with pnpm 10.25.0.UV 0.9.18 is the latest release, and copier 9.11.0 was released on November 20, 2025 with proper attestations. However, pnpm 10.25.0 has a reported bug where the lock file generated by v10.25.0 is not valid according to v10.25.0 itself. Consider upgrading to a newer pnpm version if lockfile compatibility issues arise. Additionally, the copier-template-extensions package version should be verified, as the latest confirmed version is 0.3.0.
pyproject.toml (1)
12-18: LGTM - Dependency updates align with tooling changes.The updates include:
- Minor pytest version bump
- Exact version pins for copier tooling (improving reproducibility)
- New
tydependencyThese changes are consistent with the broader tooling updates across the PR.
.github/workflows/pre-commit.yaml (2)
62-62: LGTM - Minor version bump for actions/cache.The update from v4.2.4 to v4.3.0 is a minor version change that should be backward compatible.
72-79: Excellent error handling improvement.The enhanced pre-commit execution now captures the exit code, displays the diff on failure, and properly propagates the error. This will significantly improve debugging when pre-commit checks fail.
.pre-commit-config.yaml (2)
45-45: LGTM - Pre-commit hook version updates.The version bumps for typos, prettier, check-jsonschema, ruff, and pylint hooks are routine maintenance updates.
Also applies to: 111-111, 198-198, 252-252, 282-282
260-260: Pattern change successfully applied across all hooks—old references completely removed.The exclusion pattern has been updated from
.*/graphql_codegen/.*to.*/generated/graphql/.*consistently across all affected hooks (ruff, pylint, pyright) at lines 260, 270, 277, 289, and 305. The old pattern no longer appears anywhere in the codebase. The new directories do not currently exist in the repository—these are likely generated at build time or represent a proactive configuration update for an upcoming restructuring.template/.pre-commit-config.yaml (2)
72-72: LGTM - Pre-commit hook version updates consistent with main config.The version bumps mirror those in the root
.pre-commit-config.yamland represent routine maintenance.Also applies to: 138-138, 225-225, 279-279, 309-309
287-287: Exclusion pattern change consistent with root config.The pattern update from
graphql_codegentogenerated/graphqlmatches the changes in the root configuration file and should be verified together with those changes.Also applies to: 297-297, 304-304, 316-316, 332-332, 349-349
template/{% if has_backend %}graphql_lambda{% endif %}/pyproject.toml.jinja (1)
20-24: Version variables correctly include operators.Verification confirms that
pyright_version,ty_version,pytest_version,pytest_cov_version, andpytest_randomly_versionare all properly defined with version operators inextensions/context.py(e.g.,">=1.1.407",">=0.0.2"). The template correctly concatenates package names with these versioned variables to produce valid dependency specifications.template/infrastructure/pyproject.toml.jinja (1)
13-25: No issues found. Version variables correctly include operators (primarily>=), and boto3-stubs appropriately uses the same version variable as boto3, which aligns with boto3-stubs' design of maintaining version synchronization with boto3. All referenced version variables are properly defined in the context..github/workflows/ci.yaml (3)
128-134: Excellent error handling improvement!The enhanced pre-commit failure handling is a significant improvement. Capturing the exit code, printing diagnostics, and displaying the git diff will make debugging failures much easier while still properly propagating the failure status.
116-116: actions/[email protected] exists and is compatible. The version is valid and safe to use.
58-58: The actions/checkout v6.0.1 version is confirmed and safe to use.v6.0.1 is the latest stable release. The primary breaking change in v6 requires minimum Actions Runner v2.329.0 when using Docker container actions—a requirement that GitHub-hosted runners satisfy. Standard workflows on GitHub-hosted runners will not be affected.
template/infrastructure/src/infrastructure/program.py (3)
45-60: LGTM! Addresses the PR objective effectively.The deterministic hashing by sorting walks and using relative paths (line 52) directly addresses the stated PR objective of reducing false-positive diffs caused by path differences between local development and CI environments. The MD5 usage is appropriate for change detection.
191-197: LGTM! Clever invalidation trigger mechanism.The integration of
_compute_directory_hashinto the CloudFront invalidation command (line 194) ensures the invalidation re-runs whenever file content changes. This is an elegant solution that leverages Pulumi's change detection while respecting the dependency chain (line 196).
82-83: Good addition, but optimization suggestion uses non-existent API.The
source_hashparameter is officially supported forBucketObjectv2and correctly enables content-based change detection. Addingtagsis good practice for resource management.The file I/O efficiency concern is valid: each file is read twice (once implicitly via
FileAsseton line 81, once explicitly viaread_bytes()on line 82). However, the proposed optimization code contains a critical error:pulumi.BytesAsset()does not exist in the Pulumi SDK. OnlyFileAsset,StringAsset, andRemoteAssetare available asset types. The suggested diff usingBytesAssetwill not work.If optimizing file I/O is desired, consider alternative approaches such as computing the hash upfront and passing it directly, or using
StringAssetwith base64-encoded content (if applicable). For now, remove the invalid code suggestion if included in PR feedback.Likely an incorrect or invalid review comment.
| - name: Checkout code during push | ||
| if: ${{ github.event_name == 'push' }} | ||
| uses: actions/checkout@v5.0.0 | ||
| uses: actions/checkout@v6.0.1 |
There was a problem hiding this comment.
Verify the GitHub Actions version bump — ensure runner compatibility for Docker container actions.
The update from actions/[email protected] to v6.0.1 includes a credential handling change that requires a minimum Actions Runner version of v2.329.0 for Docker container action scenarios. For standard workflows, the upgrade is compatible. Confirm your runner version if you use container actions.
🤖 Prompt for AI Agents
.github/workflows/pre-commit.yaml around line 36: the checkout action was bumped
to actions/[email protected] which requires Actions Runner v2.329.0+ for Docker
container action scenarios; verify your CI/self-hosted runner version and if it
is older either upgrade the runner to v2.329.0 or newer, or pin the action to a
v5.x tag (or a compatible v5 SHA) to maintain current compatibility; also audit
this workflow for any Docker container actions and document the chosen approach
in the workflow comments.
|
|
||
|
|
||
|
|
There was a problem hiding this comment.
Fix excessive blank lines flagged by YAMLlint.
There are 4 consecutive blank lines between node_version and python_version sections, exceeding the standard limit of 2.
🔎 Proposed fix
node_version:
type: str
help: What version of NodeJS is used for development?
default: "{{ node_version }}"
-
-
python_version:📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| node_version: | |
| type: str | |
| help: What version of NodeJS is used for development? | |
| default: "{{ node_version }}" | |
| python_version: |
🧰 Tools
🪛 YAMLlint (1.37.1)
[error] 37-37: too many blank lines (4 > 2)
(empty-lines)
🤖 Prompt for AI Agents
In copier.yml around lines 35 to 37 there are four consecutive blank lines
between the node_version and python_version sections which violates YAMLlint's
max-blank-lines rule; edit the file to remove the extra blank lines so there are
no more than two consecutive blank lines (preferably a single blank line)
separating the sections and save the file, then re-run YAMLlint to confirm the
warning is resolved.
| context["pyright_version"] = ">=1.1.407" | ||
| context["pytest_version"] = ">=9.0.2" | ||
| context["pytest_randomly_version"] = ">=4.0.1" | ||
| context["pytest_cov_version"] = ">=7.0.0" | ||
| context["ty_version"] = ">=0.0.2" | ||
| context["copier_version"] = "==9.11.0" | ||
| context["copier_template_extensions_version"] = "==0.3.3" |
There was a problem hiding this comment.
Update ty version requirement to a released, non-yanked version.
Most specified versions exist, but ty version 0.0.2 is unavailable—it was yanked from PyPI on December 16, 2025 due to a missing source distribution. The current available versions are 0.0.3 or 0.0.4 (released December 18-19, 2025). Update the requirement to use one of these available versions to ensure the dependency can be properly installed.
Additionally, clarify the version specification strategy:
- Lines 16-20 use
>=specifiers (allowing newer minor/patch versions) - Lines 21-22 use
==specifiers (pinned versions)
Document whether this inconsistency is intentional or standardize the approach.
🤖 Prompt for AI Agents
In extensions/context.py around lines 16 to 22, the ty_version is set to an
unavailable yanked release (>=0.0.2) and the file mixes >= and == specifiers;
update context["ty_version"] to a released non-yanked version such as ">=0.0.3"
or ">=0.0.4" so installs succeed, and decide on a consistent version strategy
across this block (either change the pinned copier entries to >= or change the
>= entries to ==) and apply that consistency to all entries on lines 16–22.
| context["pulumi_version"] = ">=3.212.0" | ||
| context["pulumi_aws_version"] = ">=7.14.0" | ||
| context["pulumi_aws_native_version"] = ">=1.40.0" | ||
| context["pulumi_command_version"] = ">=1.1.3" | ||
| context["pulumi_github_version"] = ">=6.9.1" | ||
| context["pulumi_okta_version"] = ">=6.2.0" | ||
| context["boto3_version"] = ">=1.42.11" | ||
| context["ephemeral_pulumi_deploy_version"] = ">=0.0.5" | ||
| context["pydantic_version"] = ">=2.12.5" |
There was a problem hiding this comment.
Verify pulumi-aws-native version: 1.40.0 does not exist as a stable release.
The specified version for pulumi-aws-native appears to be invalid. The latest stable version available is 1.38.0; update to an existing version. Additionally, while the >= specifier approach is reasonable, ensure all minimum versions are tested together to verify compatibility, as Pulumi providers can introduce breaking changes between releases.
🤖 Prompt for AI Agents
In extensions/context.py around lines 24 to 32, the pulumi_aws_native version
">=1.40.0" is invalid because 1.40.0 isn't a published stable release; update
the constraint to an existing stable minimum (for example ">=1.38.0") and ensure
the version string uses the same ">=" pattern as the other entries; after
updating, run the project's dependency/tests that exercise Pulumi providers to
confirm the chosen minimum versions are compatible together.
|
|
||
|
|
There was a problem hiding this comment.
Fix excessive blank lines flagged by YAMLlint.
There are 4 consecutive blank lines between ssh_port_number and node_version, exceeding the standard limit of 2. This appears to be unintentional.
🔎 Proposed fix
ssh_port_number: 12345
-
-
node_version: 22.13.0📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| ssh_port_number: 12345 | |
| node_version: 22.13.0 |
🧰 Tools
🪛 YAMLlint (1.37.1)
[error] 11-11: too many blank lines (4 > 2)
(empty-lines)
🤖 Prompt for AI Agents
In tests/copier_data/data1.yaml around lines 10 to 11, there are four
consecutive blank lines between the ssh_port_number and node_version entries
which violates YAMLlint's limit of two blank lines; remove the extra blank lines
so there are no more than two consecutive blank lines (preferably reduce to a
single blank line) and save the file to ensure the YAML stays properly
formatted.
|
|
||
|
|
There was a problem hiding this comment.
Remove excess blank lines to fix YAML lint error.
The file has 4 consecutive blank lines, which exceeds the maximum allowed (2). This will cause the YAML linter to fail.
🔎 Proposed fix
ssh_port_number: 54321
-
-
node_version: 22.14.0📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| ssh_port_number: 54321 | |
| node_version: 22.14.0 |
🧰 Tools
🪛 YAMLlint (1.37.1)
[error] 11-11: too many blank lines (4 > 2)
(empty-lines)
🤖 Prompt for AI Agents
In tests/copier_data/data2.yaml around lines 10 to 11, there are four
consecutive blank lines causing a YAML lint error; remove the excess blank lines
so there are no more than two consecutive blank lines (or collapse them to a
single blank line) to satisfy the linter and keep file formatting consistent.
There was a problem hiding this comment.
Pull request overview
This PR improves the hashing mechanism for app webpage files to reduce false positive diffs between local development and CI environments. The main change adds a source_hash parameter to S3 file uploads, and includes upstream copier template updates for the ty package.
Key Changes:
- Added
source_hashparameter with MD5 hashing for S3 object change detection - Integrated
typackage (version 0.0.4) with new ty.toml configuration files - Updated dependency version constraints from
>=to>=for most packages, with==for copier packages - Updated multiple GitHub Actions and pre-commit hook versions
Reviewed changes
Copilot reviewed 35 out of 36 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| template/infrastructure/src/infrastructure/program.py | Added source_hash parameter to S3 uploads for better change detection |
| uv.lock | Updated dependency lockfile with new ty package and upload timestamps |
| ty.toml (root and template) | New configuration files for ty package with exclusion patterns |
| pyproject.toml | Reorganized dependencies and updated version constraints |
| extensions/context.py | Updated version specifications for multiple dependencies and tooling |
| .pre-commit-config.yaml | Updated pre-commit hook versions and renamed graphql_codegen to generated/graphql |
| .github/workflows/* | Updated GitHub Actions versions (checkout, setup-python, setup-node, etc.) |
| template/.github/workflows/* | Improved pre-commit error handling with git diff output on failure |
| .devcontainer/* | Updated devcontainer tooling versions and improved shell error handling |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Why is this change necessary?
Try and hash the app webpage files better so there's not so many false positive diffs
How does this change address the issue?
New way of ensuring that path differences between local dev and CI don't cause false positive diffs
What side effects does this change have?
N/A
How is this change tested?
Downstream repo
Other
Also pulled in upstream copier template changes for
tySummary by CodeRabbit
Dependencies & Tooling
Chores
Configuration
✏️ Tip: You can customize this high-level summary in your review settings.