Conversation
Add bundle_dependencies on nold-ai/specfact-code-review for nold-ai/specfact-codebase, refresh registry artifact and index, document install behavior, and add registry/manifest parity tests. OpenSpec change module-bundle-deps-auto-install. Made-with: Cursor
Made-with: Cursor
Add pip_dependencies lists to project, backlog, codebase, spec, and govern manifests (code-review already lists tools). Patch-bump versions, refresh checksums and registry artifacts. Primary work belongs on this feature branch. Made-with: Cursor
- Docs: clarify auto-install wording and bundle_dependencies in code-review overview - OpenSpec: resolve design open question with specfact-cli + official-bundle-tier spec refs - Proposal: impact notes for core_compatibility when bumping bundles - code-review: core_compatibility >=0.44.0 in manifest and registry; refresh artifact - tools/validate_repo_manifests: ensure bundle_dependencies target registry module ids - Tests: manifest helper returns [] when key absent; add bundle_deps validation tests Made-with: Cursor
Use a unique module name when loading tools/validate_repo_manifests.py in tests so sys.modules does not reuse a stale module. Add backward-compatible aliases for underscore-prefixed helpers. Made-with: Cursor
Install pyyaml in the default Hatch env (yaml-lint) and as an extra-dependency for hatch-test so unit tests that exec tools/validate_repo_manifests.py do not fail with ModuleNotFoundError. Made-with: Cursor
…install feat(code-review): declare codebase bundle peer dependency (0.46.0)
chore(registry): publish changed modules
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 7 minutes and 18 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: ⛔ Files ignored due to path filters (7)
📒 Files selected for processing (35)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
…fests Remove _registry_module_ids and _validate_manifest_bundle_dependency_refs; nothing references them and they triggered unused-global findings. Made-with: Cursor
Replace relative links to missing local stubs (debug-logging, directory-structure, feature-keys) with canonical core CLI URLs per the modules/core documentation URL contract. Made-with: Cursor
…-aliases fix(tools): remove unused validate_repo_manifests backward-compat aliases
Docs Review failed on PR #140: links to core docs.specfact.io pages for debug-logging, directory-structure, and feature-keys. Extend ALLOWED_CORE_DOCS_ROUTES to match published specfact-cli permalinks. Made-with: Cursor
Assert debug-logging (with fragment), directory-structure, and feature-keys URLs produce no cross-site-link findings. Made-with: Cursor
docs: link core-owned reference pages via docs.specfact.io
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Merges
dev→mainto publish the module bundle dependencies / pip dependencies work: official bundles declare optionalpip_dependenciesinmodule-package.yaml; code-review declaresbundle_dependencies(depends on codebase), bumpscore_compatibility, and ships a new signed release.tools/validate_repo_manifests.pynow validatesbundle_dependenciesentries againstregistry/index.jsonmodule IDs. PyYAML is added to Hatch default andhatch-testsoyaml-lintand unit tests that load the validator keep working.Registry:
registry/index.json, published tarballs, and checksums were updated incrementally ondevwhile the change landed (not only at the final merge). In particular, code-review was published at0.46.0and then superseded by0.46.1;index.jsonlatest_versionfor code-review is0.46.1with the matching artifact and.tar.sig. Older bundle versions onmainremain superseded by the new rows and files in this diff.Refs:
feature/module-bundle-deps-auto-installmerged todev)Scope
packages/(manifest metadata:pip_dependencies,bundle_dependencies, versions)registry/index.json,packages/*/module-package.yaml).github/workflows/*)docs/*,README.md,AGENTS.md) —docs/bundles/code-review/overview.mdscripts/sign-modules.py,scripts/verify-modules-signature.py)Bundle Impact
List impacted bundles and version updates:
nold-ai/specfact-project:0.41.2→0.41.3nold-ai/specfact-backlog:0.41.16→0.41.17nold-ai/specfact-codebase:0.41.3→0.41.4nold-ai/specfact-spec:0.40.16→0.40.17nold-ai/specfact-govern:0.40.19→0.40.20nold-ai/specfact-code-review:0.45.4→0.46.1(intermediate0.46.0registry artifacts remain inregistry/modules/for history; latest is0.46.1)Validation Evidence
Paste command output snippets or link workflow runs.
Required local gates
hatch run formathatch run type-checkhatch run linthatch run yaml-linthatch run check-bundle-importshatch run contract-testhatch run smart-test(orhatch run test)Signature + version integrity (required)
hatch run verify-modules-signature --require-signature --payload-from-filesystem --enforce-version-bumpCI and Branch Protection
verify-module-signaturesquality (3.11)quality (3.12)quality (3.13)Docs / Pages
docs/)docs-pages.yml, if changed)specfact-clidocs updated (if applicable)Checklist