Improve CLI release and org switching #292

Merged: simonsmallchua merged 22 commits into main from fix/cli-npm-improvements on Apr 4, 2026

@simonsmallchua simonsmallchua commented Apr 4, 2026

Summary

  • Fix npm install.js to download from cli-v* tags instead of v*
  • Expand auto-release CLI change detection to include npm/ directory
  • Inject version at build time via goreleaser ldflags (replaces hardcoded v0.1.0)
  • Add update check on every CLI command (queries GitHub API, 2s timeout, silent on failure)
  • Show logged-in user and active org before job generation
  • Add org switching prompt (C to change) with numbered org selection
  • Validate binary exists after npm postinstall extraction
  • Prevent tag collision in release-cli workflow when v* tag already exists

Test plan

  • npm install -g @harvey-au/hover downloads from correct cli-v* release
  • hover version shows injected version, not hardcoded v0.1.0
  • hover jobs generate shows identity line and org switching prompt
  • Org switch via C calls API and updates active org
  • Update notice appears when running older CLI version

Summary by CodeRabbit

  • New Features

    • Organisation switching and interactive confirmation (with --yes to skip) before job generation
    • CLI embeds build-time version and checks for newer releases
  • Bug Fixes

    • Post-install validation now fails if the installed binary is missing
    • Release/tag handling improved to avoid collisions, use stricter CLI tag matching, and include npm changes in detection
    • Temporary file handling hardened for CI scripts
  • Documentation

    • Changelog reorganised with clearer Added/Fixed sections

supabase Bot commented Apr 4, 2026

Updates to Preview Branch (fix/cli-npm-improvements) ↗︎

Deployments Status Updated
Database Sat, 04 Apr 2026 05:44:13 UTC
Services Sat, 04 Apr 2026 05:44:13 UTC
APIs Sat, 04 Apr 2026 05:44:13 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks Status Updated
Configurations Sat, 04 Apr 2026 05:44:15 UTC
Migrations Sat, 04 Apr 2026 05:44:17 UTC
Seeding Sat, 04 Apr 2026 05:44:19 UTC
Edge Functions Sat, 04 Apr 2026 05:44:19 UTC

View logs for this Workflow Run ↗︎.
Learn more about Supabase for Git ↗︎.

coderabbitai Bot commented Apr 4, 2026

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Walkthrough

Detect CLI changes under both cmd/hover/ and npm/; make release tag creation conditional; inject build-time version into the binary; add identity fetch and interactive org-switch before job generation; add GitHub-based CLI version checker; update npm installer to use cli-v* tags and validate install; update changelog-check workflow.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Release automation: .github/workflows/auto-release.yml, .github/workflows/release-cli.yml, .github/workflows/changelog-check.yml, .goreleaser.yml | Auto-release detection now includes npm/ alongside cmd/hover/. Release tag creation is conditional (checks existing tag, errors on mismatch, warns if same). Changelog workflow computes CLI cli-v* current/next and exposes outputs; GoReleaser ldflags now inject main.version={{ .Version }}. |
| CLI entry & versioning: cmd/hover/main.go | Added build-time version var (default dev), updated version command to use version, wired checkLatestVersion() (queries GitHub tag refs) and compareSemver() to detect and notify about newer CLI releases; added --yes/-y usage text. |
| Authentication & identity: cmd/hover/auth.go | Added orgInfo and identity types, (*identity) ActiveOrgName(); fetchIdentity(ctx,cfg,token) loads cached session and GETs /v1/organisations (short timeout, best-effort); switchOrg(ctx,cfg,token,orgID) POSTs /v1/organisations/switch and surfaces non-200 status+body as error. |
| Job generation / CLI UX: cmd/hover/jobs.go | Introduced --yes/-y flag, isTerminal() and confirmOrSwitchOrg() to prompt user to continue or switch org (invokes switchOrg and updates identity). runJobsGenerate now fetches identity and shows condensed identity/org header before confirmation; removed previous verbose pre-run banner. |
| npm installer: npm/install.js | Installer fetches release archives from cli-v${version} paths (not v${version}) and validates that the extracted BIN_PATH exists, failing if missing. |
| Documentation: CHANGELOG.md | Rewrote Unreleased section into structured Added/Fixed subsections documenting build-time version injection, CLI version checks, identity/org UX, tag and release detection fixes, npm installer validation, and related workflow updates. |

Sequence Diagram(s)

sequenceDiagram
  participant User as User (stdin)
  participant CLI as hover CLI
  participant Auth as Auth API

  rect rgba(200,230,255,0.5)
  User->>CLI: run `hover jobs generate`
  CLI->>CLI: fetchIdentity(ctx,cfg,token)
  CLI->>Auth: GET /v1/organisations (Bearer token, short timeout)
  Auth-->>CLI: organisations + active_organisation_id or error
  CLI->>User: display identity/org, prompt (Y continue, C change)
  end

  alt User continues
    User->>CLI: Y
    CLI->>CLI: proceed to generate jobs
  else User switches org
    User->>CLI: C then select org
    CLI->>Auth: POST /v1/organisations/switch {"organisation_id":orgID}
    Auth-->>CLI: 200 OK or non-200 + body
    CLI->>CLI: update identity.ActiveOrgID or surface error
    CLI->>User: show updated status, prompt again
  end

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 60.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The pull request title directly summarises the main changes: improving CLI release handling (npm tag prefixes, version injection, update checks) and organisation switching functionality (prompts, API calls). |

github-actions Bot commented Apr 4, 2026

🐝 Review App Deployed

Homepage: https://hover-pr-292.fly.dev
Dashboard: https://hover-pr-292.fly.dev/dashboard

codecov Bot commented Apr 4, 2026

Codecov Report

❌ Patch coverage is 0% with 174 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| cmd/hover/jobs.go | 0.00% | 81 Missing ⚠️ |
| cmd/hover/auth.go | 0.00% | 56 Missing ⚠️ |
| cmd/hover/main.go | 0.00% | 37 Missing ⚠️ |

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/release-cli.yml:
- Around line 31-35: The script currently only warns when VERSION_TAG exists;
change it to verify that the existing VERSION_TAG resolves to HEAD and fail the
job if it does not. In the release step where VERSION_TAG is checked (the block
using git rev-parse and git tag and the GORELEASER_CURRENT_TAG logic), add a
check like comparing git rev-parse --verify "$VERSION_TAG" to git rev-parse
--verify HEAD (or using git rev-list -n1) and, if they differ, emit an error and
exit non-zero instead of proceeding; only allow continuing when the tag is
absent or points to HEAD so GoReleaser cannot overwrite another commit's release
artifacts.

In `@cmd/hover/auth.go`:
- Around line 357-364: The code currently falls back to storing user.Email into
id.UserName when both user.UserMetadata.FullName and user.UserMetadata.Name are
empty, causing potential PII leakage; update the logic in the
json.Unmarshal(sess.User, &user) block to only set id.UserName from
user.UserMetadata.FullName or user.UserMetadata.Name and do NOT assign
user.Email to id.UserName (leave it empty or a non-PII placeholder), and ensure
downstream usage (e.g., where id.UserName is printed in cmd/hover/jobs.go) skips
printing when id.UserName is empty so emails are never emitted to stderr or
logs.

In `@cmd/hover/jobs.go`:
- Around line 185-196: The prompt in confirmOrSwitchOrg currently always reads
stdin via scanner.Scan which aborts in CI or when stdin is not a TTY; update
confirmOrSwitchOrg (and the call sites that trigger the prompt) to skip
interactive prompting when stdin is non-terminal or when an explicit automation
flag is set (e.g., cfg.Yes or an org ID flag on authConfig), by detecting
terminal state with os.Stdin.Stat + term.IsTerminal (golang.org/x/term) or
equivalent and by honoring the new/existing --yes or organisation flag; when
non-interactive or --yes is supplied, automatically continue or select the
provided org instead of calling scanner.Scan() or returning "aborted". Ensure
changes reference confirmOrSwitchOrg, authConfig, identity, and scanner.Scan to
locate the logic to modify.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: f45068d3-ba5d-4054-9558-b94321c0ac17

📥 Commits

Reviewing files that changed from the base of the PR and between 75656e2 and cf93c70.

📒 Files selected for processing (7)
  • .github/workflows/auto-release.yml
  • .github/workflows/release-cli.yml
  • .goreleaser.yml
  • cmd/hover/auth.go
  • cmd/hover/jobs.go
  • cmd/hover/main.go
  • npm/install.js

github-actions Bot commented Apr 4, 2026

Release Versions

App patch: v0.31.0 → v0.31.1
CLI patch: cli-v0.1.1 → cli-v0.1.2

Changelog

Added

  • CLI version injected at build time (replaces hardcoded v0.1.0)
  • CLI update check on startup — notifies when a newer version is available
  • Identity and org display before job generation (Logged in as X in Y)
  • Org switching prompt in CLI (C to change active organisation)
  • CLI version included in PR release preview comment

Fixed

  • npm install.js downloads from cli-v* tags instead of v*
  • Auto-release CLI change detection now includes npm/ directory
  • Release preview comment no longer picks up cli-v* tags as app version
  • Prevent tag collision in CLI release workflow when v* tag already exists
  • Binary existence validated after npm postinstall extraction

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/changelog-check.yml:
- Around line 182-185: The bot detection logic that sets botComment using
comments.find with comment.body.includes('## Release Versions') will miss older
PRs that use the previous header format; update the matcher in the botComment
assignment (the comments.find call / comment.body check) to accept both
formats—either by using a regex that matches the new and old header variants or
by checking for the new header and falling back to the old header string—to
avoid creating duplicate bot comments on existing PRs.

In `@cmd/hover/main.go`:
- Around line 80-82: The loop that selects the latest tag is comparing
non-canonical refs (r.Ref) so prerelease/helper tags can win; validate the
suffix is exactly X.Y.Z before calling compareSemver: import regexp, compile a
pattern like `^cli-v(\d+\.\d+\.\d+)$` (or extract suffix and match
`^\d+\.\d+\.\d+$`), use it to filter refs before doing `v :=
strings.TrimPrefix(r.Ref, "refs/tags/cli-v")` and `compareSemver(v, latest)`,
and skip any ref that does not match; make the same change for the second
occurrence around the compare on lines 86-87.
- Line 21: The update check (checkLatestVersion()) is being invoked before the
CLI validates which command will run, causing local-only errors and bare "hover"
to block on the network timeout; move the call(s) to after command/flag parsing
and validation (i.e., after you determine a supported command and before
executing networked actions) or run checkLatestVersion() as a non-blocking
goroutine started only once the command is confirmed valid; update all
occurrences (the calls at checkLatestVersion() and the similar blocks around
lines referenced) to follow this pattern so local usage/errors print immediately
and the version check only runs for confirmed executions.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: cf5a7180-927a-42a5-a3e7-529f68af796a

📥 Commits

Reviewing files that changed from the base of the PR and between cf93c70 and 36fce10.

📒 Files selected for processing (2)
  • .github/workflows/changelog-check.yml
  • cmd/hover/main.go
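
The strict tag filtering asked for in the cmd/hover/main.go finding above, as an added example that is not the project's code. The names `latestCLIVersion`, `updateNotice`, `semver` and `sampleRefs` are hypothetical, the refs are constructed, and treating a non-release build such as `dev` as "no notice" is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// canonicalTag matches only refs of the exact form refs/tags/cli-vX.Y.Z.
// Prerelease, helper and malformed tags (cli-vnext, cli-v1.2, cli-v9.0.0-rc1)
// do not match, so they can never be picked as the latest release.
var canonicalTag = regexp.MustCompile(`^refs/tags/cli-v(\d+)\.(\d+)\.(\d+)$`)

// plainVersion matches the running binary's version, with an optional "v".
var plainVersion = regexp.MustCompile(`^v?(\d+)\.(\d+)\.(\d+)$`)

// semver holds major, minor and patch as integers so 0.1.10 sorts after 0.1.2.
type semver [3]int

func (v semver) String() string { return fmt.Sprintf("%d.%d.%d", v[0], v[1], v[2]) }

// less reports whether v is an older release than o.
func (v semver) less(o semver) bool {
	for i := range v {
		if v[i] != o[i] {
			return v[i] < o[i]
		}
	}
	return false
}

// parse extracts X.Y.Z from s using re; ok is false for anything non-canonical.
func parse(re *regexp.Regexp, s string) (semver, bool) {
	m := re.FindStringSubmatch(s)
	if m == nil {
		return semver{}, false
	}
	var v semver
	for i := range v {
		n, err := strconv.Atoi(m[i+1])
		if err != nil { // only digits reach here, so this is integer overflow
			return semver{}, false
		}
		v[i] = n
	}
	return v, true
}

// latestCLIVersion returns the highest canonical cli-vX.Y.Z among refs.
func latestCLIVersion(refs []string) (semver, bool) {
	var latest semver
	found := false
	for _, ref := range refs {
		v, ok := parse(canonicalTag, ref)
		if !ok {
			continue // skip every ref that is not exactly cli-vX.Y.Z
		}
		if !found || latest.less(v) {
			latest, found = v, true
		}
	}
	return latest, found
}

// updateNotice returns a message when a newer release exists, else "".
// Assumption: a non-release build string such as "dev" produces no notice.
func updateNotice(current string, refs []string) string {
	cur, ok := parse(plainVersion, current)
	if !ok {
		return ""
	}
	latest, found := latestCLIVersion(refs)
	if !found || !cur.less(latest) {
		return ""
	}
	return fmt.Sprintf("update available: %s -> %s", cur, latest)
}

// sampleRefs is constructed input shaped like the tag refs the check reads.
var sampleRefs = []string{
	"refs/tags/cli-v0.1.1",
	"refs/tags/cli-v0.1.2",
	"refs/tags/cli-v0.1.10",
	"refs/tags/cli-vnext",
	"refs/tags/cli-v1.2",
	"refs/tags/cli-v9.0.0-rc1",
}

func main() {
	fmt.Println(updateNotice("0.1.2", sampleRefs))
}
```
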

@coderabbitai coderabbitai Bot left a comment

♻️ Duplicate comments (1)
.github/workflows/changelog-check.yml (1)

162-173: ⚠️ Potential issue | 🟡 Minor

Fix the release-preview comment matcher.

Line 163 now emits # Release Versions, but Line 185 still searches for ## Release Versions. That means reruns never find the existing preview comment and will keep posting duplicates. Please match the new header, and ideally add a stable marker so future formatting tweaks do not break updates again.

Suggested fix
+            const releasePreviewMarker = '<!-- hover-release-preview -->';
             const lines = [
+              releasePreviewMarker,
               `# Release Versions`,
               ``,
               `**App** ${releaseType}: \`${currentVersion}\` → \`${nextVersion}\``,
             ];
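Review bot: The marker literal on the added `releasePreviewMarker` line is `<!-- hover-release-preview -->`, but the agent prompt later in this same comment suggests `<!-- release-preview -->`. The builder and the matcher only agree if one literal is used, so keep the single constant introduced here and have any follow-up change reference it rather than retyping the string.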
@@
               const botComment = comments.find(comment =>
                 comment.user.type === 'Bot' &&
-                comment.body.includes('## Release Versions')
+                (
+                  comment.body.includes(releasePreviewMarker) ||
+                  comment.body.includes('# Release Versions') ||
+                  comment.body.includes('## Release Versions')
+                )
               );
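Review bot: The fallback `comment.body.includes('# Release Versions')` still matches any comment from a Bot-type user whose body merely contains the header text, including a review bot that quotes it. The `'## Release Versions'` clause is also redundant, because that string already contains `'# Release Versions'`. Suggest matching on `releasePreviewMarker` alone once existing previews have been rewritten, or restricting the legacy check to bodies that start with the header.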

Also applies to: 183-185

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/changelog-check.yml around lines 162 - 173, The generated
preview body now starts with "# Release Versions" (built via the lines array and
body variables) but the comment-matching logic still looks for "## Release
Versions", causing duplicate posts; update the matcher used when
searching/updating the existing release-preview comment to look for "# Release
Versions" (or a regex that accepts one or two hashes) and, to prevent future
breakage, embed a stable HTML marker (e.g. <!-- release-preview -->) into the
generated body and change the search/update logic to target that marker instead;
make sure the same marker is added in the code path that builds lines/body
(including when changelogContent or cliChanged is used) and that the search
logic (the code that finds the existing preview comment) checks for that marker.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1752f1f0-a169-448a-a537-1f826604835d

📥 Commits

Reviewing files that changed from the base of the PR and between eb439bd and 0709c7f.

📒 Files selected for processing (2)
  • .github/workflows/changelog-check.yml
  • CHANGELOG.md

@Good-Native Good-Native deleted a comment from github-actions Bot Apr 4, 2026
@Good-Native Good-Native deleted a comment from github-actions Bot Apr 4, 2026

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 2

♻️ Duplicate comments (2)
.github/workflows/release-cli.yml (1)

31-34: ⚠️ Potential issue | 🟠 Major

Peel the existing tag before comparing it to HEAD.

git rev-parse "$VERSION_TAG" returns the annotated tag object's SHA, so a real v* tag that already targets HEAD can still fail this guard. Resolve refs/tags/$VERSION_TAG^{} (or use git rev-list -n1) so the comparison is against the tagged commit.

Proposed fix
-          if git rev-parse "$VERSION_TAG" >/dev/null 2>&1; then
-            EXISTING=$(git rev-parse "$VERSION_TAG")
+          if git rev-parse -q --verify "refs/tags/$VERSION_TAG" >/dev/null 2>&1; then
+            EXISTING=$(git rev-parse "refs/tags/$VERSION_TAG^{}")
             CURRENT=$(git rev-parse HEAD)
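Review bot: On the added `EXISTING=` line, `^{}` peels to whatever non-tag object the tag finally points at, which is not guaranteed to be a commit. Because the value is compared with `git rev-parse HEAD`, `refs/tags/$VERSION_TAG^{commit}` states the intent and makes rev-parse fail outright for a tag that does not resolve to a commit, instead of yielding a SHA that can never equal HEAD.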
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/release-cli.yml around lines 31 - 34, The tag existence
check uses git rev-parse "$VERSION_TAG" which yields the annotated tag object
SHA; change the command that sets EXISTING so it resolves the tag to the commit
(for example resolve refs/tags/$VERSION_TAG^{} or use git rev-list -n1
"$VERSION_TAG") before comparing to CURRENT; update the assignment to EXISTING
(and keep CURRENT from git rev-parse HEAD) so the comparison between EXISTING
and CURRENT correctly compares the tagged commit SHA rather than the tag object
SHA.
cmd/hover/jobs.go (1)

188-195: ⚠️ Potential issue | 🟠 Major

ModeCharDevice is not a terminal check.

os.ModeCharDevice is true for character devices like /dev/null, not just interactive TTYs. In CI or scripted runs that redirect stdin to a character device, this path can still enter the prompt and return aborted. Use a real TTY test such as golang.org/x/term.IsTerminal(int(os.Stdin.Fd())).

In Go, can `os.FileInfo.Mode()&os.ModeCharDevice != 0` return true for non-terminal character devices such as `/dev/null`? Is `golang.org/x/term.IsTerminal(int(os.Stdin.Fd()))` the recommended TTY check?
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@cmd/hover/jobs.go` around lines 188 - 195, The isTerminal function currently
uses fi.Mode()&os.ModeCharDevice to detect a terminal, which can be true for
non-interactive character devices (e.g., /dev/null); replace that check with a
real TTY test by calling golang.org/x/term.IsTerminal(int(os.Stdin.Fd())) inside
isTerminal so it returns true only for an interactive terminal; update imports
to include golang.org/x/term and ensure isTerminal returns the boolean result of
term.IsTerminal.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/changelog-check.yml:
- Around line 96-104: Ensure only semver-style CLI tags are considered by
filtering LATEST_CLI_TAG to match the strict pattern cli-v[0-9]+\.[0-9]+\.[0-9]+
before using CLI_VER/CMaj/CMIN/CPAT; modify the tag selection pipeline that sets
LATEST_CLI_TAG so it only returns tags matching that regex (and falls back to
"cli-v0.0.0" / CLI_NEXT="cli-v0.1.0" when none match), and only then parse
CLI_VER and increment CPAT to form CLI_NEXT, preventing malformed tags like
cli-vnext or cli-v1.2 from being used.

In `@cmd/hover/jobs.go`:
- Around line 199-205: The confirmation prompt in confirmOrSwitchOrg blocks on
scanner.Scan() and doesn't observe ctx cancellation; make the prompt cancellable
by running the scanner read in a goroutine and selecting between the scanner
result and ctx.Done(), or alternatively poll scanner.Scan() via a select that
watches a channel fed by the goroutine; on ctx.Done() return ctx.Err() (or a
wrapped cancellation error) and ensure the goroutine exits cleanly.
Specifically, inside confirmOrSwitchOrg, spawn a goroutine that performs
scanner.Scan() and sends the scanned text/ok flag or error on a channel, then
replace the direct scanner.Scan() wait with a select { case <-ctx.Done(): return
ctx.Err(); case res := <-scanCh: /* handle input or EOF/error */ } so Ctrl+C
(signal.NotifyContext) cancels the prompt.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: c0c5fdef-21da-4a5f-80d7-27a2704c49b7

📥 Commits

Reviewing files that changed from the base of the PR and between 0709c7f and a590733.

📒 Files selected for processing (5)
  • .github/workflows/changelog-check.yml
  • .github/workflows/release-cli.yml
  • cmd/hover/auth.go
  • cmd/hover/jobs.go
  • cmd/hover/main.go
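
The cancellable prompt described in the cmd/hover/jobs.go finding above, as an added example that is not the project's code. `startLineReader`, `readLine` and `chooseOrg` are hypothetical names, the keystrokes are constructed, and returning "aborted" for any answer other than Y or C is an assumption.

```go
package main

import (
	"bufio"
	"context"
	"errors"
	"fmt"
	"io"
	"strconv"
	"strings"
)

// errInputClosed is returned when input reaches EOF before the user answers.
var errInputClosed = errors.New("input closed before an answer was given")

// errAborted is returned for any answer other than Y or C (assumption).
var errAborted = errors.New("aborted")

// startLineReader runs the blocking Scan loop in its own goroutine and
// delivers each line on the returned channel, which is closed on EOF.
// After ctx is cancelled the goroutine stops delivering and exits as soon
// as its current read returns.
func startLineReader(ctx context.Context, r io.Reader) <-chan string {
	lines := make(chan string)
	go func() {
		defer close(lines)
		sc := bufio.NewScanner(r)
		for sc.Scan() {
			select {
			case lines <- sc.Text():
			case <-ctx.Done():
				return
			}
		}
	}()
	return lines
}

// readLine waits for one line or for cancellation, whichever comes first.
func readLine(ctx context.Context, lines <-chan string) (string, error) {
	select {
	case <-ctx.Done():
		return "", ctx.Err()
	case line, ok := <-lines:
		if !ok {
			if err := ctx.Err(); err != nil {
				return "", err // reader stopped because of cancellation
			}
			return "", errInputClosed
		}
		return strings.TrimSpace(line), nil
	}
}

// chooseOrg prompts until the user continues with Y, and lets them pick
// another organisation by number after C. It returns the index of the
// organisation that is active when the user continues.
func chooseOrg(ctx context.Context, lines <-chan string, out io.Writer, orgs []string, active int) (int, error) {
	for {
		fmt.Fprintf(out, "Active organisation: %s. Continue: Y, change: C\n", orgs[active])
		answer, err := readLine(ctx, lines)
		if err != nil {
			return active, err
		}
		switch strings.ToLower(answer) {
		case "y":
			return active, nil
		case "c":
			for i, name := range orgs {
				fmt.Fprintf(out, "  %d) %s\n", i+1, name)
			}
			pick, err := readLine(ctx, lines)
			if err != nil {
				return active, err
			}
			n, convErr := strconv.Atoi(pick)
			if convErr != nil || n < 1 || n > len(orgs) {
				fmt.Fprintln(out, "Invalid selection.")
				continue // prompt again with the organisation unchanged
			}
			active = n - 1 // a real CLI would call its switch API here
		default:
			return active, errAborted
		}
	}
}

func main() {
	// Constructed keystrokes: change, pick organisation 2, then continue.
	ctx := context.Background()
	var out strings.Builder
	input := strings.NewReader("c\n2\ny\n")
	idx, err := chooseOrg(ctx, startLineReader(ctx, input), &out, []string{"Acme", "Globex"}, 0)
	fmt.Print(out.String())
	fmt.Println(idx, err)
}
```

A read that is already blocked on a terminal cannot be interrupted from Go, so the reader goroutine only exits once that read returns; the prompt itself returns immediately on cancellation.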

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 7

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
.claude/settings.json (1)

4-107: ⚠️ Potential issue | 🟠 Major

Re-add narrowly scoped npx permissions required by automation hooks.

The current allowlist blocks .opencode/plugins/automation-hooks.js (Lines 120-146), which runs npx prettier --write and npx eslint --fix. Those post-edit steps will silently fail.

🔧 Proposed fix
       "Bash(npm test)",
+      "Bash(npx prettier:*)",
+      "Bash(npx eslint:*)",
       "Bash(claude --version)",
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.claude/settings.json around lines 4 - 107, The allowlist in
.claude/settings.json currently blocks the automation hooks in
.opencode/plugins/automation-hooks.js that run npx prettier --write and npx
eslint --fix; add narrowly scoped Bash entries to the "allow" array such as
allowing "Bash(npx prettier --write:*)" and "Bash(npx eslint --fix:*)" (or
equivalent patterns matching how other commands are listed) so those post-edit
automation commands can run while keeping the rest of the allowlist unchanged.
.github/workflows/auto-release.yml (1)

142-154: ⚠️ Potential issue | 🟡 Minor

Add strict semver validation for CLI tag selection.

The git tag -l 'cli-v*' pattern will match any tag with that prefix, including malformed ones like cli-vnext or cli-v1.2.beta. The current logic does not validate the suffix before parsing, which could generate an incorrect CLI version. Consider filtering to strict semver format:

Suggested fix
-          LATEST_CLI_TAG=$(git tag -l 'cli-v*' --sort=-version:refname | head -1)
+          LATEST_CLI_TAG=$(git tag -l 'cli-v*' --sort=-version:refname | grep -E '^cli-v[0-9]+\.[0-9]+\.[0-9]+$' | head -1)
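Review bot: `grep -E` on the added `LATEST_CLI_TAG=` line exits non-zero when no tag matches. If this step runs under `set -e` with `pipefail`, a repository with no canonical `cli-vX.Y.Z` tag aborts here instead of reaching the `cli-v0.1.0` fallback described below. Suggest appending `|| true` inside the substitution and checking for an empty `LATEST_CLI_TAG` before parsing it.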
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/auto-release.yml around lines 142 - 154, The tag-selection
logic uses LATEST_CLI_TAG/CLI_VER/CLI_VERSION but doesn't validate that tags
match strict semver, causing malformed tags like cli-vnext to be parsed; update
the tag listing to only consider semantic version tags (e.g. use git tag -l with
a strict glob or pipe through grep -E '^cli-v[0-9]+\.[0-9]+\.[0-9]+$') to set
LATEST_CLI_TAG, then proceed to extract CLI_VER and increment PAT as before and
fall back to "cli-v0.1.0" when no valid semver tag is found; ensure the new
filtering is applied where LATEST_CLI_TAG is assigned so CLI_VER/MAJ/MIN/PAT
parsing only runs on validated semver tags.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/cleanup-orphaned-apps.yml:
- Line 23: Update the comment on the uses line that pins the action to a SHA:
change or remove the misleading “# master” text in the line containing "uses:
superfly/flyctl-actions/setup-flyctl@63da3ecc5e2793b98a3f2519b3d75d4f4c11cec2"
so the comment accurately reflects that the action is pinned to a commit SHA
rather than master (e.g., replace the comment with the SHA or remove the
trailing label).

In @.github/workflows/fly-deploy.yml:
- Line 41: Update the stale inline comment that says "# master" on the Flyctl
action pin; locate the uses line containing
"superfly/flyctl-actions/setup-flyctl@63da3ecc5e2793b98a3f2519b3d75d4f4c11cec2"
and replace or remove the "# master" comment so it correctly reflects that the
action is pinned to a specific commit (e.g., change to "# pinned to commit
63da3ecc..." or simply remove the misleading comment).

In @.github/workflows/review-apps.yml:
- Line 46: Remove or update the misleading inline comment "# master" next to the
pinned action references so the comment reflects that a specific commit SHA is
used; locate the occurrences of the action string "uses:
superfly/flyctl-actions/setup-flyctl@63da3ecc5e2793b98a3f2519b3d75d4f4c11cec2"
(and the other identical pinned-action occurrence mentioned) and either delete
the "# master" comment or replace it with a note indicating it is a fixed SHA
(e.g., "# pinned to specific commit"), ensuring both instances are updated
consistently.

In `@cmd/hover/auth.go`:
- Around line 412-415: The error construction in the org-switch code reads and
returns the raw HTTP response body (io.ReadAll(resp.Body)) which may leak
sensitive/end-user content; change the error returned in the resp.StatusCode !=
http.StatusOK branch to omit the body and return a status-only or sanitized
message (e.g., use fmt.Errorf("switch org failed (HTTP %d)", resp.StatusCode))
and remove the io.ReadAll call; locate the check that references resp.StatusCode
and io.ReadAll(resp.Body) in cmd/hover/auth.go and update that code path
accordingly.

In `@cmd/hover/jobs.go`:
- Around line 212-215: The blocking scanner.Scan() calls inside
confirmOrSwitchOrg do not observe ctx.Done(), making the prompt uncancellable;
refactor by running the bufio.Scanner loop in a goroutine that sends lines to a
channel and in the main prompt loop select between ctx.Done() and that input
channel, returning ctx.Err() when cancelled and treating a closed channel as an
abort (error) instead of relying on scanner.Scan() directly; update both input
read sites (the current scanner.Scan() usages in confirmOrSwitchOrg) to use this
cancellable pattern so Ctrl+C/signal.NotifyContext can cancel the prompt.
- Around line 206-210: Update the user-facing prompt strings in the interactive
continuation block that references id.Orgs so they use "organisation" instead of
the abbreviation "org": change the text in the fmt.Fprintf call that currently
prints " or Change org: \033[1mC\033[0m" to use "organisation" (e.g. " or Change
organisation: \033[1mC\033[0m") to match the existing "No other organisations
available." wording and Australian English guidelines.

In `@scripts/changelog-version.sh`:
- Around line 70-73: Guard against a missing COMPARE_REF by verifying the ref
before running the git diff: after setting
COMPARE_REF="${COMPARE_REF:-origin/main}" add a check using git rev-parse
--verify "${COMPARE_REF}" >/dev/null 2>&1 and if that fails either fetch the
remote branch (git fetch origin main) or fall back to a safe ref (e.g.,
COMPARE_REF=HEAD); then run the existing git diff --name-only ... and set
CLI_CHANGED="true" based on its output. Ensure you reference and update
COMPARE_REF and preserve the existing CLI_CHANGED logic around the git diff
invocation.

---

Outside diff comments:
In @.claude/settings.json:
- Around line 4-107: The allowlist in .claude/settings.json currently blocks the
automation hooks in .opencode/plugins/automation-hooks.js that run npx prettier
--write and npx eslint --fix; add narrowly scoped Bash entries to the "allow"
array such as allowing "Bash(npx prettier --write:*)" and "Bash(npx eslint
--fix:*)" (or equivalent patterns matching how other commands are listed) so
those post-edit automation commands can run while keeping the rest of the
allowlist unchanged.

In @.github/workflows/auto-release.yml:
- Around line 142-154: The tag-selection logic uses
LATEST_CLI_TAG/CLI_VER/CLI_VERSION but doesn't validate that tags match strict
semver, causing malformed tags like cli-vnext to be parsed; update the tag
listing to only consider semantic version tags (e.g. use git tag -l with a
strict glob or pipe through grep -E '^cli-v[0-9]+\.[0-9]+\.[0-9]+$') to set
LATEST_CLI_TAG, then proceed to extract CLI_VER and increment PAT as before and
fall back to "cli-v0.1.0" when no valid semver tag is found; ensure the new
filtering is applied where LATEST_CLI_TAG is assigned so CLI_VER/MAJ/MIN/PAT
parsing only runs on validated semver tags.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4e25f233-621d-489f-9125-b520891c89b4

📥 Commits

Reviewing files that changed from the base of the PR and between 0709c7f and 3f2f0bb.

📒 Files selected for processing (12)
  • .claude/settings.json
  • .github/workflows/auto-release.yml
  • .github/workflows/changelog-check.yml
  • .github/workflows/cleanup-orphaned-apps.yml
  • .github/workflows/fly-deploy.yml
  • .github/workflows/release-cli.yml
  • .github/workflows/review-apps.yml
  • cmd/hover/auth.go
  • cmd/hover/jobs.go
  • cmd/hover/main.go
  • opencode.json
  • scripts/changelog-version.sh
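
The strict tag filter requested in the auto-release.yml comment above, as an added example that is not code from the PR or from CodeRabbit: it keeps only `cli-vMAJOR.MINOR.PATCH` tags, picks the highest numerically, bumps the patch, and falls back to `cli-v0.1.0`. The function names and the sample tag list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: strict cli-vMAJOR.MINOR.PATCH tag selection.
# Function names and SAMPLE_TAGS are hypothetical; the tag list is constructed
# and stands in for `git tag -l` output.
SAMPLE_TAGS='cli-v0.1.0
cli-v0.2.9
cli-v0.2.10
cli-vnext
cli-v1.0
cli-v0.3.0-rc1
v2.0.0'

# Read tag names on stdin; print the highest strict-semver cli tag, or nothing.
# A glob such as 'cli-v[0-9]*.[0-9]*.[0-9]*' is not enough: in a glob, "[0-9]*"
# means one digit followed by any characters, so cli-v0.3.0-rc1 would match.
latest_cli_tag() {
  { grep -E '^cli-v[0-9]+\.[0-9]+\.[0-9]+$' || true; } \
    | sed 's/^cli-v//' \
    | sort -t. -k1,1n -k2,2n -k3,3n \
    | tail -n 1 \
    | sed 's/^/cli-v/'
}

# Read tag names on stdin; print the next patch tag, or cli-v0.1.0 when no
# valid tag exists. The body runs in a subshell so its variables stay local.
next_cli_tag() (
  latest=$(latest_cli_tag)
  if [ -z "$latest" ]; then
    echo "cli-v0.1.0"
  else
    ver=${latest#cli-v}
    maj=${ver%%.*}
    rest=${ver#*.}
    min=${rest%%.*}
    pat=${rest#*.}
    # expr reads "08" as decimal; $((08 + 1)) would fail as invalid octal.
    echo "cli-v${maj}.${min}.$(expr "$pat" + 1)"
  fi
)

printf '%s\n' "$SAMPLE_TAGS" | next_cli_tag   # demo run on the constructed list
```

In a workflow the input would come from `git tag -l 'cli-v*'` piped into `next_cli_tag`, so the regex, not the glob, decides which tags are trusted.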

Comment thread .github/workflows/cleanup-orphaned-apps.yml Outdated
Comment thread .github/workflows/fly-deploy.yml Outdated
Comment thread .github/workflows/review-apps.yml Outdated
Comment thread cmd/hover/auth.go
Comment thread cmd/hover/jobs.go
Comment thread cmd/hover/jobs.go Outdated
Comment on lines +70 to +73
COMPARE_REF="${COMPARE_REF:-origin/main}"

if git diff --name-only "${COMPARE_REF}"...HEAD -- cmd/hover/ npm/ 2>/dev/null | grep -q .; then
CLI_CHANGED="true"

⚠️ Potential issue | 🟠 Major

Guard against missing COMPARE_REF to avoid false cli_changed=false.

If origin/main is unavailable in the checkout, the diff check fails silently and can incorrectly skip CLI release detection.

🛠️ Proposed fix
 COMPARE_REF="${COMPARE_REF:-origin/main}"
 
-if git diff --name-only "${COMPARE_REF}"...HEAD -- cmd/hover/ npm/ 2>/dev/null | grep -q .; then
+if ! git rev-parse -q --verify "${COMPARE_REF}^{commit}" >/dev/null; then
+  echo "Warning: COMPARE_REF '${COMPARE_REF}' not found; marking cli_changed=true"
+  CLI_CHANGED="true"
+elif git diff --name-only "${COMPARE_REF}"...HEAD -- cmd/hover/ npm/ | grep -q .; then
   CLI_CHANGED="true"
   LATEST_CLI_TAG=$(git tag -l 'cli-v[0-9]*.[0-9]*.[0-9]*' --sort=-version:refname | head -1)
   if [ -z "$LATEST_CLI_TAG" ]; then
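
Review bot: the new `if ! git rev-parse ...` branch sets CLI_CHANGED="true" but, in the lines shown, the LATEST_CLI_TAG lookup sits only under the `elif` branch, so the missing-ref path reports a CLI change without computing a tag to bump. Move the tag and version computation after the `if`/`elif` so both branches share it, or resolve COMPARE_REF to a usable ref first and fall through to the diff. The warning is also echoed to stdout; append `>&2` so it cannot end up in output that a later step parses.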

github-actions Bot commented Apr 4, 2026

🐝 Review App Deployed

Homepage: https://hover-pr-292.fly.dev
Dashboard: https://hover-pr-292.fly.dev/dashboard

@simonsmallchua simonsmallchua merged commit 0dc5618 into main Apr 4, 2026
11 checks passed
@simonsmallchua simonsmallchua deleted the fix/cli-npm-improvements branch April 4, 2026 05:55
@coderabbitai coderabbitai Bot mentioned this pull request Apr 25, 2026
4 tasks