Skip to content

fix: bump node-forge version #4386

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mergify merged 2 commits into from
Dec 9, 2025
Merged

fix: bump node-forge version #4386

mergify merged 2 commits into from
Dec 9, 2025

Conversation

@tjiang-box
Copy link
Collaborator

@tjiang-box tjiang-box commented Dec 8, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated dependency resolution to pin a cryptographic library to version 1.3.2 to ensure consistent installations.
    • Preserved the existing local dev tooling worker directory configuration.

✏️ Tip: You can customize this high-level summary in your review settings.

@tjiang-box tjiang-box requested a review from a team as a code owner December 8, 2025 18:44
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 8, 2025
edited
Loading

Walkthrough

Adds a top-level resolutions field to package.json to pin node-forge to version 1.3.2 while keeping the existing msw.workerDirectory entry. No other functional code changes.

Changes

Cohort / File(s) Change Summary
Dependency resolution update
package.json		 Added top-level resolutions field to enforce node-forge version 1.3.2; preserved existing msw.workerDirectory entry.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

  • Areas to spot-check:
    • package.json — verify resolutions syntax and value ("node-forge": "1.3.2").
    • CI / install logs — confirm the resolution takes effect and no unexpected dependency conflicts occur.

Suggested labels

ready-to-merge

Suggested reviewers

  • tjuanitas
  • jpan-box

Poem

🐰 I nibbled through package.json tonight,
I pinned the forge to make things right.
Quiet hops, a tidy line,
Dependencies snug at 1.3.2 — all fine.
A little thump for stable light.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description check ⚠️ Warning The PR description contains only the HTML comment template without substantive information about the node-forge version change, its rationale, or impact. Add specific details explaining why node-forge 1.3.2 is needed, what issue it resolves, and any testing performed to verify the fix.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title 'fix: bump node-forge version' directly matches the changeset, which adds a resolutions field to force node-forge to version 1.3.2.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f9c2f62 and 06a701e.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • package.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: lint_test_build
  • GitHub Check: Summary

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Dec 8, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5653500 and c849eb6.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: lint_test_build
  • GitHub Check: Summary

reneshen0328
reneshen0328 previously approved these changes Dec 8, 2025
View reviewed changes
coderabbitai[bot]
coderabbitai bot reviewed Dec 8, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c849eb6 and f9c2f62.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: lint_test_build
  • GitHub Check: Summary

reneshen0328
reneshen0328 previously approved these changes Dec 8, 2025
View reviewed changes
tjuanitas
tjuanitas previously approved these changes Dec 8, 2025
View reviewed changes
@tjiang-box tjiang-box dismissed stale reviews from tjuanitas and reneshen0328 via 738ef03 December 9, 2025 16:40
@mergify mergify bot added the queued label Dec 9, 2025
@mergify
Copy link
Contributor

mergify bot commented Dec 9, 2025
edited
Loading

Merge Queue Status

✅ The pull request has been merged at 738ef03

This pull request spent 8 minutes 17 seconds in the queue, with no time running CI.
The checks were run in-place.

Required conditions to merge
  • #approved-reviews-by >= 1 [🛡 GitHub branch protection]
  • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
  • #review-threads-unresolved = 0 [🛡 GitHub branch protection]
  • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
  • any of [🛡 GitHub branch protection]:
    • check-success = Summary
    • check-neutral = Summary
    • check-skipped = Summary
  • any of [🛡 GitHub branch protection]:
    • check-success = lint_test_build
    • check-neutral = lint_test_build
    • check-skipped = lint_test_build
  • any of [🛡 GitHub branch protection]:
    • check-success = license/cla
    • check-neutral = license/cla
    • check-skipped = license/cla
  • any of [🛡 GitHub branch protection]:
    • check-success = lint_pull_request
    • check-neutral = lint_pull_request
    • check-skipped = lint_pull_request

@mergify mergify bot merged commit 5f46b8b into box:master Dec 9, 2025
7 checks passed
@mergify mergify bot removed the queued label Dec 9, 2025
@coderabbitai coderabbitai bot mentioned this pull request Jan 13, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@tjuanitas tjuanitas tjuanitas approved these changes

@reneshen0328 reneshen0328 reneshen0328 approved these changes

Assignees

No one assigned

Labels

ready-to-merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tjiang-box @tjuanitas @reneshen0328