build(deps): Bump annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1 and 2 more packages

[Stivo182]

• annotations: 1.3.1 → 1.4.0
  (repo · hub)
• asserts: 1.5.0 → 1.6.1
  (repo · hub)
• lambdas: 0.3.2 → 0.3.3
  (repo · hub)
• xml-parser: 0.1.1 → 0.2.0
  (repo · hub)

[coderabbitai]

Walkthrough

Updated four dependency declarations in packagedef: annotations 1.3.1 → 1.4.0, asserts 1.5.0 → 1.6.1, lambdas 0.3.2 → 0.3.3, and xml-parser 0.1.1 → 0.2.0; no other files or logic changed.

Changes

Cohort / File(s)	Change Summary
Dependency Version Updates packagedef	Updated dependency declarations: ЗависитОт("annotations", "1.3.1") → ЗависитОт("annotations", "1.4.0"), ЗависитОт("asserts", "1.5.0") → ЗависитОт("asserts", "1.6.1"), ЗависитОт("lambdas", "0.3.2") → ЗависитОт("lambdas", "0.3.3"), ЗависитОт("xml-parser", "0.1.1") → ЗависитОт("xml-parser", "0.2.0")

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Inspect packagedef to confirm only version strings changed.
• Optionally check release notes/compatibility for asserts 1.6.1 and xml-parser 0.2.0.

Poem

🐰 I chewed the package list with care,
Four tiny hops to versions new and fair.
Annotations, asserts, lambdas, XML too,
A rabbit’s patch—swift, neat, and true. 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change in the PR: bumping four package dependencies with specific version transitions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch depos/bump-deps/latest

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2346626 and 496c971.

📒 Files selected for processing (1)

• packagedef (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packagedef

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (13)

• GitHub Check: sonar / test
• GitHub Check: test (stable) / build (ubuntu-latest, stable, 1testrunner)
• GitHub Check: test (stable) / build (macos-latest, stable, 1testrunner)
• GitHub Check: test (stable) / build (windows-latest, stable, 1testrunner)
• GitHub Check: test (dev) / build (windows-latest, dev, 1testrunner)
• GitHub Check: test (dev) / build (ubuntu-latest, dev, 1testrunner)
• GitHub Check: test (dev) / build (macos-latest, dev, 1testrunner)
• GitHub Check: test (stable) / build (windows-latest, stable, 1testrunner)
• GitHub Check: sonar / test
• GitHub Check: test (dev) / build (windows-latest, dev, 1testrunner)
• GitHub Check: test (stable) / build (macos-latest, stable, 1testrunner)
• GitHub Check: test (stable) / build (ubuntu-latest, stable, 1testrunner)
• GitHub Check: test (dev) / build (ubuntu-latest, dev, 1testrunner)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1936a0f and 2346626.

📒 Files selected for processing (1)

• packagedef (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (14)

• GitHub Check: test (stable) / build (ubuntu-latest, stable)
• GitHub Check: test (dev) / build (windows-latest, dev)
• GitHub Check: test (dev) / build (macos-latest, dev)
• GitHub Check: test (stable) / build (macos-latest, stable)
• GitHub Check: test (dev) / build (ubuntu-latest, dev)
• GitHub Check: test (stable) / build (windows-latest, stable)
• GitHub Check: sonar / test
• GitHub Check: test (stable) / build (macos-latest, stable)
• GitHub Check: sonar / test
• GitHub Check: test (stable) / build (ubuntu-latest, stable)
• GitHub Check: test (dev) / build (windows-latest, dev)
• GitHub Check: test (dev) / build (ubuntu-latest, dev)
• GitHub Check: test (stable) / build (windows-latest, stable)
• GitHub Check: test (dev) / build (macos-latest, dev)

🔇 Additional comments (1)

packagedef (1)

22-22: Verify all three dependency versions exist on hub.oscript.io before merging.

Unable to confirm via GitHub API or web search whether versions 1.4.0 (annotations), 1.6.0 (asserts), and 0.3.3 (lambdas) exist or have security issues. Please manually verify these versions are available on the package hub and check for any known security vulnerabilities before merging.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

PR description doesn't mention this dependency update.

The PR title and description only mention updates to annotations and lambdas, but this change also updates asserts from 1.5.0 to 1.6.0. Please update the PR description to include this change for completeness.

Additionally, verify that version 1.6.0 of the asserts package exists:

---

🏁 Script executed:

#!/bin/bash
# Description: Verify asserts version 1.6.0 exists

# Check oscript-library for asserts package
echo "Checking for asserts package version 1.6.0..."
gh api repos/oscript-library/asserts/releases --jq '.[] | select(.tag_name | contains("1.6")) | {tag_name, published_at, body}'

# Alternative: Check tags
gh api repos/oscript-library/asserts/tags --jq '.[] | select(.name | contains("1.6")) | .name'

Length of output: 487

---

Update PR description to include the asserts dependency update.

The PR title and description currently mention only annotations (1.3.1 → 1.4.0) and lambdas (0.3.2 → 0.3.3), but the code also updates asserts from 1.5.0 to 1.6.0. Version 1.6.0 exists and was published on 2025-11-20. Please update the PR description to reflect all dependency changes for completeness.

🤖 Prompt for AI Agents

In packagedef around line 23, the PR description/title omits the asserts
dependency change shown here (.ЗависитОт("asserts", "1.6.0")); update the PR
title and description to list all dependency bumps including asserts 1.5.0 →
1.6.0 in addition to annotations and lambdas, and include the new version and
its publish date (2025-11-20) for completeness.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify the lambdas 0.3.3 version exists and check for security advisories.

Please verify that version 0.3.3 of the lambdas package exists and has no known vulnerabilities.

---

🏁 Script executed:

#!/bin/bash
# Description: Verify lambdas version 0.3.3 exists

# Check oscript-library for lambdas package
echo "Checking for lambdas package version 0.3.3..."
gh api repos/oscript-library/lambdas/releases --jq '.[] | select(.tag_name | contains("0.3.3")) | {tag_name, published_at, body}'

# Alternative: Check tags
gh api repos/oscript-library/lambdas/tags --jq '.[] | select(.name | contains("0.3.3")) | .name'

Length of output: 45

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Try to list all repos in oscript-library to find lambdas
gh repo list oscript-library --limit 200 | grep -i lambda

Length of output: 117

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Get all releases and tags for lambdas repository
echo "=== Releases ===" 
gh api repos/oscript-library/lambdas/releases --paginate --jq '.[] | {tag_name, published_at, draft, prerelease}'

echo ""
echo "=== Tags ===" 
gh api repos/oscript-library/lambdas/tags --paginate --jq '.[] | .name'

Length of output: 37

---

lambdas version 0.3.3 does not exist in the repository.

The oscript-library/lambdas repository only contains a single tag: v0.1.0. The version 0.3.3 referenced in the dependency update does not exist, making this an invalid version specification.

🤖 Prompt for AI Agents

In packagedef around line 28, the dependency entry .ЗависитОт("lambdas",
"0.3.3") references a non‑existent version; replace "0.3.3" with the actual
available tag (e.g., "v0.1.0") or the correct version string from the
oscript-library/lambdas repo, or remove the dependency if it’s not needed, then
run the dependency validation to ensure the new version exists.