chore: bump the patch group with 3 updates#5774
Merged
Conversation
Bumps the patch group with 3 updates: [insta](https://github.com/mitsuhiko/insta), [semver](https://github.com/dtolnay/semver) and [libc](https://github.com/rust-lang/libc). Updates `insta` from 1.47.1 to 1.47.2 - [Release notes](https://github.com/mitsuhiko/insta/releases) - [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md) - [Commits](mitsuhiko/insta@1.47.1...1.47.2) Updates `semver` from 1.0.27 to 1.0.28 - [Release notes](https://github.com/dtolnay/semver/releases) - [Commits](dtolnay/semver@1.0.27...1.0.28) Updates `libc` from 0.2.183 to 0.2.184 - [Release notes](https://github.com/rust-lang/libc/releases) - [Changelog](https://github.com/rust-lang/libc/blob/0.2.184/CHANGELOG.md) - [Commits](rust-lang/libc@0.2.183...0.2.184) --- updated-dependencies: - dependency-name: insta dependency-version: 1.47.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: semver dependency-version: 1.0.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: libc dependency-version: 0.2.184 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] <support@github.com>
prql-bot
approved these changes
Apr 6, 2026
Member
|
@prql-bot fix CI |
Collaborator
|
Both failures are pre-existing infrastructure issues unrelated to the dependency bumps:
Main branch CI is green — re-ran the failed jobs. |
Collaborator
|
Update: test-python passed on re-run. The only real remaining failure is This is a pre-existing issue affecting all Dependabot PRs that trigger this matrix variant. Options to unblock:
Re-ran the failed jobs in case the wasm cancellation clears up, but the Docker credentials issue will persist. |
Dependabot PRs don't have access to repo secrets, causing the Docker Hub login step to fail and blocking CI. This adds a credential check that gracefully falls back to running tests without test-dbs-external when Docker Hub credentials aren't available. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Collaborator
|
CI was failing because Dependabot PRs don't have access to repo secrets ( Pushed a fix that detects when Docker Hub credentials are unavailable and gracefully skips |
Member
|
can we give dependabot access to those? or have it fall back to no login? |
prql-bot
approved these changes
Apr 6, 2026
for more information, see https://pre-commit.ci
prql-bot
approved these changes
Apr 6, 2026
Instead of skipping test-dbs-external entirely when Docker Hub credentials are unavailable (Dependabot PRs), just skip the login step. All images are public; login is only needed to avoid rate limits. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Collaborator
|
GitHub doesn't allow Dependabot PRs to access regular repo secrets — you'd need to duplicate the Docker Hub credentials into Dependabot-specific secrets (Settings → Secrets → Dependabot). But the fix already pushed here takes the "fall back to no login" approach: when |
Collaborator
|
Good call — simplified in a133023. The login step now just checks Alternatively, you could add the credentials as Dependabot secrets (Settings → Secrets → Dependabot) if rate limits become an issue, but for the volume of Dependabot PRs here that seems unnecessary. |
for more information, see https://pre-commit.ci
prql-bot
approved these changes
Apr 6, 2026
actionlint doesn't recognize that `secrets: inherit` makes the secrets context available in reusable workflows, so use an env var to pass the secret value for the conditional check. Co-Authored-By: Claude <noreply@anthropic.com>
prql-bot
approved these changes
Apr 6, 2026
tend-agent
pushed a commit
to max-sixty/tend
that referenced
this pull request
Apr 6, 2026
When the bot pushes a fix commit to a third-party PR (e.g., Dependabot) that it already approved, the triggered tend-review run would re-approve redundantly. On PRQL/prql#5774, this produced 5 approvals from the same bot — each push from the notifications handler triggered a new review that re-approved. Add a pre-flight check: if the bot's last review was APPROVED and the latest commit was authored by the bot (on a non-self-authored PR), exit silently. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This was referenced Apr 6, 2026
max-sixty
pushed a commit
to max-sixty/tend
that referenced
this pull request
Apr 7, 2026
…ing (#153) ## Summary - Distinguish `cancelled` checks from `failure` checks in the review skill's CI monitoring step - Add explicit "do not re-run cancelled jobs" guidance — concurrency-group cancellations are expected, not flakes - Reinforce the single-loop constraint to prevent follow-up polling loops after re-runs ## Evidence Two PRQL/prql review sessions showed the same structural pattern: the bot's approval event triggers a `pull_request_review` workflow run, which cancels the in-progress CI via concurrency groups. The bot misclassifies the cancellation as a transient flake, re-runs the cancelled jobs (which get cancelled again), and launches additional polling loops — consuming 20-30 minutes per session after the review was already complete. | Run | PR | Behavior | |---|---|---| | [24042125963](https://github.com/PRQL/prql/actions/runs/24042125963) | PRQL/prql#5775 (tokio bump) | Approved correctly, then spent ~30 min in 4 polling loops + 1 re-run chasing concurrency cancellations | | [24042097277](https://github.com/PRQL/prql/actions/runs/24042097277) | PRQL/prql#5774 (patch deps) | Approved correctly (with good MSRV check), then spent ~30 min in 3 polling loops + 2 re-runs chasing concurrency cancellations | **Failure type**: Structural — the mechanism is deterministic: approval → `pull_request_review` event → new workflow run → concurrency group cancels in-progress run → bot sees cancellation → re-runs → repeat. **Gate assessment**: High confidence (2 occurrences, structural failure). Targeted fix (3 new bullet points, no structural change). Passes both gates. --------- Co-authored-by: continuous-bot <269947486+continuous-bot@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: tend-agent <270458913+tend-agent@users.noreply.github.com>
This was referenced Apr 10, 2026
max-sixty
pushed a commit
to max-sixty/tend
that referenced
this pull request
Apr 10, 2026
## Summary - Add a **"Non-issues: do not flag these"** section to `review-reviewers/SKILL.md` so the hourly judgment doesn't keep re-discovering the same non-problem. - Document in `review/SKILL.md` that commit and PR authorship don't affect review behavior — reviewing/re-approving after a bot-pushed fix is expected. ## Evidence — two prior rejections of the same fix `review-reviewers` has now made two attempts to guard `tend-review` from re-approving on bot-pushed fix commits. Both were closed by the maintainer as solving a non-problem. | PR | Title | Closed | Maintainer feedback | |---|---|---|---| | [#154](#154) | `fix(review): skip re-review when bot pushes to already-approved PR` | 2026-04-07 | "but presumably this does require a new review, no? why is this case special?" | | [#212](#212) | `fix(review): skip APPROVE when incremental commits are bot-authored` | 2026-04-10 01:07Z | "this is totally fine — we should *not* treat a bot PR differently from any other PR. We should make that clear in our docs" | The second rejection explicitly asked for the principle to be documented. This PR does that. ## Root cause Run [24219300860](https://github.com/max-sixty/tend/actions/runs/24219300860) (prior `review-reviewers` run at 23:59Z) observed a `tend-review` run on max-sixty/worktrunk#2041 submitting a fourth APPROVED review on a bot-authored commit pushed by `tend-notifications`, classified it as "Structural — recurs whenever the bot pushes to a PR it already reviewed," and filed #212. The judgment was wrong: commit authorship is not a review-logic problem. Run [24220122739](https://github.com/max-sixty/tend/actions/runs/24220122739) (`tend-review` on #212) then correctly executed the new logic the PR added, but the PR's premise was rejected by the maintainer minutes later in run [24221123712](https://github.com/max-sixty/tend/actions/runs/24221123712). The underlying 5-stacked-approvals incident that originally motivated #154 ([PRQL/prql#5774](PRQL/prql#5774)) was a *concurrency* issue — cancelled runs racing to POST approvals before SIGTERM arrived — not a review-logic issue. This is called out in the new "Non-issues" entry so it isn't confused for the same pattern in future. ## Gate assessment | Gate | Result | |---|---| | **Evidence level** | Critical — two closed PRs with explicit maintainer rejection, plus an explicit "make that clear in our docs" request | | **Occurrences** | 3 independent instances (PR #154 authoring run, PR #212 authoring run 24219300860, and each closure) | | **Classification** | **Structural** — the skill has no guidance distinguishing expected re-approval from a loop; it will make the same judgment again without a fix | | **Change type** | **Targeted fix** — 21 lines total across two files, no restructuring | | **Passes Gate 1 (confidence)** | Yes — Critical bar is 1 occurrence; this has 2 | | **Passes Gate 2 (magnitude)** | Yes — targeted fix at normal threshold | ## Test plan - [ ] Next time a `tend-review` run re-approves after `tend-notifications` or `tend-ci-fix` pushes a fix, the subsequent `review-reviewers` run should not flag it as a behavioral problem. - [ ] The `review` skill continues reviewing bot-pushed fixes normally (no behavior change — only documentation added). Co-authored-by: continuous-bot <269947486+continuous-bot@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the patch group with 3 updates: insta, semver and libc.
Updates
instafrom 1.47.1 to 1.47.2Release notes
Sourced from insta's releases.
Changelog
Sourced from insta's changelog.
Commits
0ddf1e8Release 1.47.2 (#894)094b1cfRevert Arc→Rc change, restore Send + Sync on Settings (#893)65a5233Add regression test for sort_maps not sorting Vecs (#892)Updates
semverfrom 1.0.27 to 1.0.28Release notes
Sourced from semver's releases.
Commits
7625c7aRelease 1.0.28fd404d0Merge pull request 351 from czy-29/masterf75f26eThedoc_auto_cfganddoc_cfgfeatures have been merged9e2bfa2Enableserdeondocs.rsand automatically addserdeflag to the docs8591f23Unpin CI miri toolchain66bdd2cPin CI miri to nightly-2026-02-11324ffceSwitch from cargo bench to criterion34133a5Update actions/upload-artifact@v5 -> v67f935ffUpdate actions/upload-artifact@v4 -> v5c07fb91Switch from test::black_box to std::hint::black_boxUpdates
libcfrom 0.2.183 to 0.2.184Release notes
Sourced from libc's releases.
Changelog
Sourced from libc's changelog.
Commits
b1fd610chore: Release libc 0.2.184f596819ci: Don't enforce cargo-semver-checks4645f60linux: update ptrace_syscall_info struct14cbbectypes: RemovePadding::uninitb5dcda8pthread: UsePadding::new(\<zeroed>)rather thanPadding::uninit()bbb1c5dtypes: Add anewfunction toPaddingdf06e43Fix locale values and add RTLD_NOLOAD, some TCP constants078f5c6newlib/espidf: Move DT_* to espidf/mod.rsd32b83dAdd IP_MINTTL to bsd939e0ecDefine max_align_t for riscv64-linuxDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions