Skip to content

chore(main): release engine-and-dependents libraries#7127

Merged
JSONbored merged 3 commits into
mainfrom
release-please--branches--main--groups--engine-and-dependents
Jul 17, 2026
Merged

chore(main): release engine-and-dependents libraries#7127
JSONbored merged 3 commits into
mainfrom
release-please--branches--main--groups--engine-and-dependents

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

🤖 I have created a release beep boop

engine: 3.2.1

3.2.1 (2026-07-17)

Fixes

  • config: recognize federatedIntelligence manifest block in lint and preview (95ba59a)
  • config: recognize federatedIntelligence manifest block in lint and preview (1c80fb8)
mcp: 3.2.1

3.2.1 (2026-07-17)

Fixes

  • api: blunt slop-risk / issue-slop REST + CLI to match the MCP tools (#6990) (#7052) (9971476)
  • release: scope MCP publish validation to its own package (86ee117)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @loopover/engine bumped from ^3.0.0 to ^3.2.1
miner: 3.2.1

3.2.1 (2026-07-17)

Fixes

  • miner: bound oauth-device-flow.js's GitHub fetches with a request timeout (cd9aedf)
  • miner: bound oauth-device-flow.js's GitHub fetches with a request timeout (77ca20f)
  • miner: fail closed when a chat-action handler throws (8ba48bd)
  • miner: fail closed when a chat-action handler throws (bdb11d9), closes #6989
  • miner: purge contribution-profile-cache and governor-state's repo-scoped tables (#7091) (#7110) (6cb2c17)
  • release: scope MCP publish validation to its own package (86ee117)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @loopover/engine bumped from ^3.0.0 to ^3.2.1

This PR was generated with Release Please. See documentation.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 17, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
loopover-ui 78bd78e Commit Preview URL

Branch Preview URL
Jul 17 2026, 10:33 PM

@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.98%. Comparing base (fc6d689) to head (15023e9).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #7127      +/-   ##
==========================================
+ Coverage   93.75%   95.98%   +2.22%     
==========================================
  Files         692      609      -83     
  Lines       68829    48165   -20664     
  Branches    18781    15133    -3648     
==========================================
- Hits        64532    46230   -18302     
+ Misses       3302     1118    -2184     
+ Partials      995      817     -178     
Flag Coverage Δ
rees ?
shard-1 43.77% <ø> (ø)
shard-2 36.86% <ø> (ø)
shard-3 33.15% <ø> (ø)
shard-4 34.47% <ø> (ø)
shard-5 32.28% <ø> (+<0.01%) ⬆️
shard-6 45.84% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.
see 83 files with indirect coverage changes

@loopover-orb loopover-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 17, 2026
@loopover-orb

loopover-orb Bot commented Jul 17, 2026

Copy link
Copy Markdown

Caution

🛑 LoopOver review result - fixes required

Review updated: 2026-07-17 23:05:09 UTC

9 files · 1 AI reviewer · 1 blocker · CI failing · blocked

🛑 Suggested Action - Manual Review

Review summary
This is an automated release-please version-bump PR bumping engine/mcp/miner packages to 3.2.1, updating the manifest, package.json versions, internal @​loopover/engine dependency ranges, package-lock.json, and appending changelog entries. The diff is mechanical and internally consistent: manifest, package.json, package-lock, and CHANGELOG entries all agree on the 3.2.1 target version and the engine dependency bump from ^3.0.0 to ^3.2.1.

Blockers

  • The `validate`, `validate-tests (5)`, and `validate-code` CI checks are failing on this commit, and nothing in the visible diff explains why — this needs investigation before merge since it may indicate a real drift between the bumped versions and something the validation scripts check (e.g. lockfile/package.json parity).
Nits — 4 non-blocking
  • The external brief's 'no SLSA/sigstore attestation' and 'long-file' package-lock.json flags are expected noise for an automated release PR (lockfiles and provenance attestations are not something this diff controls) and shouldn't block.
  • Before merging, pull the logs for the three failing checks (validate, validate-tests (5), validate-code) to confirm they're either pre-existing/flaky or actually caused by the version bump.
  • Since this is a release-please bot PR, confirm the bot's own release workflow gates on these checks the same way a human PR would, per repo convention.
  • Diff looks like trivial or whitespace-only churn — Reduce whitespace-only or formatting-only churn and keep the diff focused on substantive changes.

Why this is blocked

  • No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.
📋 Copy for AI agents — paste into your coding agent
Fix the following blocker(s) from this PR review:

1. No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.

CI checks failing

  • validate
  • validate-tests (5)

Decision drivers

  • ❌ Code review — 1 blocker (1 reviewer)
  • ❌ Gate result — Blocking (Repo-configured hard blocker found.)
Context & advisory signals — never blocks the verdict
Signal Result Evidence
Linked issue ✅ No-issue rationale PR body explains why no issue is linked.
Related work ⚠️ 1 scoped overlap Top overlaps are listed below; lower-confidence bulk is hidden.
Change scope ❌ 8/20 High review scope from cached public metadata (no linked issue context).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 32 registered-repo PR(s), 25 merged, 368 issue(s).
Contributor context ✅ Confirmed Gittensor contributor JSONbored; Gittensor profile; 32 PR(s), 368 issue(s).
Improvement ℹ️ Insufficient signal risk: low · value: insufficient-signal
Review context
  • Author: JSONbored
  • Role context: owner (maintainer lane)
  • Public audience mode: oss maintainer
  • Lane context: Repository is configured for direct PR review.
  • Public profile languages: not available
  • Official Gittensor activity: 32 PR(s), 368 issue(s).
  • Related work: Titles/paths share 7 meaningful terms. (PR #7122)
Contributor next steps
  • Start here: Treat this as maintainer-lane context rather than normal contributor-lane activity.
  • Then work through the remaining 3 steps in the Signals table above.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.
🧪 Chat with LoopOver

Ask LoopOver a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.

  • @loopover ask &lt;question&gt; answers contribution-quality Q&A with source citations and freshness.
  • @loopover chat &lt;question&gt; answers in natural prose from cached decision-pack facts via local inference (maintainer/collaborator; read-only).
  • A plain-language @loopover mention with a real question is routed to the closest matching read-only command automatically — no exact syntax required.

Full command reference: https://loopover.ai/docs/loopover-commands

🧪 Experimental — new and may change.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by LoopOver, a quiet PR intelligence layer for OSS maintainers.

  • Re-run LoopOver review

@loopover-orb loopover-orb Bot added the manual-review Gittensor contributor context label Jul 17, 2026
@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

Bundle Report

Bundle size has no change ✅

@JSONbored
JSONbored merged commit b8a2f03 into main Jul 17, 2026
19 checks passed
@JSONbored
JSONbored deleted the release-please--branches--main--groups--engine-and-dependents branch July 17, 2026 23:16
galuis116 pushed a commit to galuis116/gittensory that referenced this pull request Jul 18, 2026
…onent

The "Sync package-lock.json and engine-version pin" step hardcoded
`for component in mcp engine miner ui-kit` against the old
`release-please--branches--main--components--<name>` naming. Since
linked-versions (previous commit) now puts mcp/engine/miner on ONE shared
`--groups--<groupName>` branch, that hardcoded loop silently never found
or synced it -- confirmed live: PR JSONbored#7127's group branch left
expected-engine.version stale, failing engine-parity:drift-check and two
engine-version-display tests.

Branches to check are now discovered via `git ls-remote --heads` against
the release-please branch prefix instead of assumed by name, and the
expected-engine.version sync fires on every checked-out branch (comparing
its own committed pin against its own package.json) rather than an
`if component == engine` check -- correct whether engine's bump lands via
a solo branch or a shared group branch, and automatically adapts if the
group's membership or name ever changes again.

Also deleted 3 now-orphaned release-please--branches--main--components--
{engine,mcp,miner} branches left over from before this change (all their
PRs were already closed/merged; linked-versions will never reuse them).
galuis116 pushed a commit to galuis116/gittensory that referenced this pull request Jul 18, 2026
Root cause traced as far as possible: release-please's own createReleases()
(the step that actually tags a merged Release PR) sometimes finds nothing
to tag, and createPullRequests() then aborts every subsequent run without
ever completing the tag -- confirmed live across two separate
linked-versions release cycles this session (JSONbored#7127, JSONbored#7133), both requiring
a manual dispatch of each publish-*.yml workflow plus manually flipping
the merged PR's autorelease:pending label. Matches multiple long-open,
unresolved upstream issues (googleapis/release-please#1946/JSONbored#1444/JSONbored#1406),
so it isn't something fixable from this repo's config alone.

Adds a reconcile-stale-releases job that runs after every release-please
attempt, independent of its outputs: compares each package's committed
package.json version against what's actually live on npm, dispatches
that package's publish workflow whenever they disagree (the same
documented human-override path, automated), and flips any merged PR's
autorelease label once every package is confirmed live -- unsticking
release-please's own tracking for the next run. Also cleaned up one
ancient, silently-stuck instance of the exact same bug (engine v1.0.0,
autorelease:pending since long before this session).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

autorelease: tagged gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. manual-review Gittensor contributor context

Projects

None yet

Development

Successfully merging this pull request may close these issues.

chat-action-dispatch.js doesn't catch handler exceptions (unlike its own paramsValidator call)

1 participant