Fix template sync after release#5045
Conversation
8c80deb to
2522ab3
Compare
Review or Edit in CodeSandboxOpen the branch in Web Editor • VS Code • Insiders |
🦋 Changeset detectedLatest commit: c3834ee The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2522ab321f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| cmd = [ | ||
| cursor_bin, | ||
| "--print", | ||
| "--output-format", | ||
| "stream-json" if args.stream_engine_output else "json", | ||
| ] |
There was a problem hiding this comment.
Add workspace trust for headless Cursor runs
When Cursor reviews a repo whose folder/parent has not already been trusted, this command enters --print mode without --trust, so the new Cursor engine can stop at the workspace-trust prompt instead of producing review JSON. I checked Cursor's CLI support thread: it states cursor-agent --help lists --trust, that it works with -p / --print headless mode, and shows cursor-agent -p --trust "your prompt" for one-shot tasks (https://forum.cursor.com/t/trust-for-interactive-cursor-agent-or-auto-trust-new-workspaces-in-cli/162011). Since this helper already pre-filters project-local config before invocation, include/probe --trust for the safe headless path.
Useful? React with 👍 / 👎.
| "class-variance-authority": "0.7.1", | ||
| "clsx": "^2.1.1", | ||
| "lucide-react": "1.20.0", | ||
| "lucide-react": "1.21.0", |
There was a problem hiding this comment.
Move template changes to source inputs
Root AGENTS.md says: “Templates: templates/** is CI-controlled output. Never manually edit or commit template source, manifests, or lockfiles. Fix the source registry, package, or workflow inputs and let CI regenerate templates.” This commit changes generated template files/manifests/lockfiles under templates/** directly, so the next template generation can overwrite these edits while the real source of truth stays stale; put the dependency/skill changes in the registry, preset, or workflow inputs instead and regenerate.
Useful? React with 👍 / 👎.
| if instruction_paths or local_mcp_paths: | ||
| print( | ||
| "cursor isolation warning: Cursor CLI does not document an ignore-rules/safe-mode flag; " | ||
| "trusted project-local surfaces are being allowed explicitly.", | ||
| file=sys.stderr, |
There was a problem hiding this comment.
Disable project Cursor config for reviews
When --cursor-allow-workspace-instructions is used in a repo containing .cursor/cli.json, this branch continues while relying on the temporary global cli-config.json deny list for read-only safety. Cursor support documents that project .cursor/cli.json permissions take precedence over the global config and suggests --disable-project-configs when only global config should apply (https://forum.cursor.com/t/cli-permission-allowlist-written-to-global-config-instead-of-project-level-cursor-cli-json/160343), so a trusted repo's project permissions can override the injected Shell/Write denies and let autoreview run commands or write files. Refuse .cursor/cli.json specifically or disable project configs before invoking Cursor.
Useful? React with 👍 / 👎.
| function getFirstSectionBlock(content, labels) { | ||
| for (const label of labels) { | ||
| const block = getSectionBlock(content, label); | ||
|
|
||
| if (block.trim()) { | ||
| return block; | ||
| } |
There was a problem hiding this comment.
Check every linked-plan section
Because new templates always include a non-empty Linked plans: - None. block, getFirstSectionBlock() returns that block and never inspects a later documented Linked goal plans: or Child plans: section. In that layout, missing or incomplete child plans under the alternate section names pass unchecked even though the skill text says all three section names are followed recursively; merge the links from all matching sections instead of stopping at the first non-empty one.
Useful? React with 👍 / 👎.
| download_to_path "$child_url" "$child_remote" | ||
| rewrite_screencastify_child_playlist "$child_remote" "$child_local" "$prefix" "$auth_query" |
There was a problem hiding this comment.
Resolve HLS segments relative to child playlists
For Screencastify masters where a child playlist lives in a subdirectory, such as video/playlist.m3u8 with segment lines like segment0.ts, the child playlist is downloaded from prefix + child_uri but rewritten with the root prefix for every relative segment. That makes ffmpeg request prefix/segment0.ts instead of prefix/video/segment0.ts, so transcript generation fails for those HLS layouts; pass the child playlist's own directory/base URL into the rewrite step.
Useful? React with 👍 / 👎.
| candidates = [ | ||
| repo / ".cursor" / "mcp.json", | ||
| repo / ".mcp.json", | ||
| repo / "mcp.json", | ||
| ] |
There was a problem hiding this comment.
Block global Cursor MCP config during reviews
This only rejects repo-local MCP files, but Cursor's docs say project MCP lives at .cursor/mcp.json and global MCP lives at ~/.cursor/mcp.json for tools available everywhere, and that Cursor automatically uses available MCP tools when relevant (https://cursor.com/docs/mcp.md). On a machine with a global MCP server configured, the Cursor reviewer can still load those external tools even when the reviewed repo has no local MCP config, bypassing the helper's stated read-only review isolation. Disable global MCP loading or run Cursor with an isolated home/config that also excludes ~/.cursor/mcp.json.
Useful? React with 👍 / 👎.
2522ab3 to
07cdd68
Compare
🐛 Fixes ➖ N/A
🟢 95-100% confidence
@platejs/aiemitted public types referenceaiand@ai-sdk/reacttypes.pnpm check,@platejs/aitypecheck, install, lint, and source audit passed locally.✅ Outcome
aiand@ai-sdk/reactexplicit optional peers of@platejs/aiwhile keeping them as dev dependencies for package builds.@platejs/aichangeset to minor because the public type compatibility contract changed.🏗️ Design
dependenciesbecause@platejs/aihas no runtime import ofaior@ai-sdk/react.🧪 Verified
pnpm installpnpm --filter @platejs/ai typecheckpnpm lint:fixgit diff --checkpnpm checkpackages/ai/package.jsonand.changeset/ai-sdk-v7-chat-types.md