chore(deps): bump actions/github-script from 7.0.1 to 9.0.0#33
Conversation
Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 9.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...3a2844b) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Re-triggering after GOVIND_GITHUB_TOKEN was added to the Dependabot secrets namespace on cueapi-core. The auto-merge job in feature-to-main.yml has been failing since 2026-05-04 because Dep-triggered runs only see the Dependabot-namespace secrets, not Actions-namespace. Now fixed; close+reopen forces the workflow to re-run with the new secret in scope. (Automated by cue-pm-pr-watcher per Mike's directive.) |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
mikemolinet
left a comment
mikemolinet
left a comment
There was a problem hiding this comment.
Auto-approving Dependabot batch — CI checks (test + sdk-integration) are the binding gate; this satisfies branch-protection's review requirement so native auto-merge can complete the cycle. (Approval by cue-pm-pr-watcher under Mike's directive 2026-05-06.)
dependabot
Bot
deleted the
dependabot/github_actions/actions/github-script-9.0.0
branch
…parity port of cueapi/cueapi#623) (#77) Re-port of closed [PR #46](#46) which was on a stale base ~8900 deletions behind main. Fresh against current main HEAD. Closes §13 / Phase 12.1.7 — messages-side complement to the cue-fire send_at shipped in PR #618 (which still needs its own re-port). ## What lands - **alembic/versions/030_message_send_at.py** (renumbered from private's 047) Adds `messages.send_at TIMESTAMPTZ NULL` + partial index `ix_messages_send_at` (WHERE send_at IS NOT NULL) built CONCURRENTLY so the index creation doesn't take an ACCESS EXCLUSIVE lock on the messages table during deploy. Existing rows default to NULL = "send now". - **app/models/message.py** — adds `send_at` Column. - **app/schemas/message.py** — `send_at: Optional[datetime]` on MessageCreate + MessageResponse. - **app/routers/messages.py** — passes `send_at=body.send_at` into `create_message`. - **app/services/inbox_service.py** — gates inbox query AND queued→delivered transition UPDATE with `send_at IS NULL OR send_at <= now()`. Scheduled messages are invisible until their time; the atomic poll-fetch transition skips them too. - **app/services/message_service.py** — `create_message` plumbs `send_at` into both `Message.send_at` and `DispatchOutbox.scheduled_at`. Past timestamps are forgiving fallback (treated as send-now). `to_response_dict` surfaces the persisted value. - **tests/test_message_send_at.py** — 7 new tests verbatim from private cueapi covering all 7 semantic paths (omitted, future-invisible, outbox-scheduled, past-fallback, becomes-visible- after-pass, sender-view-shows-it, invalid-timestamp). - **parity-manifest.json** — new entry for migration 030 under `message-send-at-port (private #623)`. ## Wire format `send_at` flows in the BODY of `POST /v1/messages` (server contract: `MessageCreate.send_at`). Same shape as cue-fire `send_at` (PR #618). NULL = send now (default). Future timestamp = inbox-gate + DispatchOutbox.scheduled_at. Past timestamp = forgiving send-now. ## Tests 7/7 new tests pass locally. Full local suite: 836 passed + 18 xfailed (pre-existing) + 3 skipped. Zero regressions. ## Sibling ports - cli, mcp, python, action sides shipped via session 2 (2026-05-10): cueapi-cli #48, cueapi-mcp #33, cueapi-python (private), cueapi-action #12. This is the cueapi-core (OSS server) side that was still missing. ## Re-port note Re-port of closed PR #46. That branch was ~8900 deletions behind main; fresh port against current main HEAD (after PR #74 + #75 merged earlier in this session).
2 participants
Bumps actions/github-script from 7.0.1 to 9.0.0.
Release notes
Sourced from actions/github-script's releases.
... (truncated)
Commits
3a2844bMerge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...ca10bbdfix: use@octokit/core/types import for v7 compatibility86e48e2merge: incorporate main branch changesc108472chore: rebuild dist for v9 upgrade and getOctokit factoryafff112Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...ff8117eci: fix user-agent test to handle orchestration ID81c6b78ci: use deployment: false to suppress deployment noise from integration tests3953cafdocs: update README examples from@v8to@v9, add getOctokit docs and v9 brea...c17d55bci: add getOctokit integration test joba047196test: add getOctokit integration tests via callAsyncFunctionDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)