Skip to content

Bump backend dependencies, run codespell #8507

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 9, 2025
Merged

Bump backend dependencies, run codespell #8507

merged 3 commits into from
Apr 9, 2025

Conversation

fm3
Copy link
Member

@fm3 fm3 commented Apr 7, 2025
edited
Loading

Some housekeeping

Steps to test:

  • CI should be enough
  • Maybe install a dev deployment and annotate some.
  • I also tested that I can still load a dataset from Google Cloud Storage
  • Updated changelog
  • Needs datastore update after deployment

@fm3 fm3 self-assigned this Apr 7, 2025
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Apr 7, 2025
edited
Loading

📝 Walkthrough

Walkthrough

This pull request makes several configuration and dependency updates. The changes include modifications to the spell-check configuration, an addition to the changelog for backend dependency upgrades, updates to Scala, SBT, and plugin versions in the build system, and multiple dependency version bumps. In addition, minor comment corrections were made in both JavaScript and SQL schema files to improve clarity. No public API declarations were altered.

Changes

File(s) Change Summary
.codespellrc Appended a JSON file pattern to skip and added "DoubleClick" to the ignore-words-list.
CHANGELOG.unreleased.md Added a new unreleased entry noting backend dependency upgrades.
build.sbt, project/build.properties, project/plugins.sbt Upgraded Scala (2.13.14 → 2.13.16), Scapegoat (2.1.6 → 3.1.8), SBT (1.10.1 → 1.10.11), and updated various SBT plugins (Play, Buildinfo, Scalafmt, Scapegoat).
project/Dependencies.scala Updated dependency versions including Brotli, Play Framework, commons libraries, Google Cloud Storage, Slick, and PostgreSQL.
frontend/…/jobs.ts, frontend/…/utils.glsl.ts Corrected comments by changing "arithmetics" to "arithmetic" for improved clarity.
tools/postgres/schema.sql Fixed comment typos by correcting "commited" to "committed" in transaction state descriptions.

Suggested reviewers

  • normanrz
  • frcroth

Poem

I'm a rabbit skipping through code so fine,
Hopping over changes line by line.
From configs to dependencies, a merry parade,
Corrections and upgrades, a brigade well-laid.
With every hop and tweak I cheer—
A carrot-filled commit, bringing code cheer!
🐇🥕

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b4ab9f3 and ef72260.

📒 Files selected for processing (1)
  • CHANGELOG.unreleased.md (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • CHANGELOG.unreleased.md
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: circleci_build
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai plan to trigger planning for file edits and PR creation.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Apr 7, 2025

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai plan to trigger planning for file edits and PR creation.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@fm3 fm3 marked this pull request as ready for review April 7, 2025 14:54
coderabbitai[bot]
coderabbitai bot reviewed Apr 7, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
frontend/javascripts/oxalis/shaders/utils.glsl.ts (1)

384-387: Refined Comment for Clarity in Large Interval Scaling

The comment on line 386 has been updated from "doing further arithmetics" to "doing further arithmetic." This minor editorial change improves the grammatical correctness and clarity of the code without impacting functionality.

tools/postgres/schema.sql (1)

357-367: Enhanced Spelling in Enum Comments

The comments describing the transaction and credit states in the schema have been updated to fix misspellings (e.g., "committed" now appears where "commited" was previously used). These adjustments—such as in the descriptions for the "Complete," "Spent," and "Refunded" states—are purely editorial but enhance the overall readability and professionalism of the database schema documentation.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between da1a95f and b4ab9f3.

📒 Files selected for processing (9)
  • .codespellrc (1 hunks)
  • CHANGELOG.unreleased.md (1 hunks)
  • build.sbt (1 hunks)
  • frontend/javascripts/admin/api/jobs.ts (1 hunks)
  • frontend/javascripts/oxalis/shaders/utils.glsl.ts (1 hunks)
  • project/Dependencies.scala (3 hunks)
  • project/build.properties (1 hunks)
  • project/plugins.sbt (1 hunks)
  • tools/postgres/schema.sql (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: circleci_build
🔇 Additional comments (18)
frontend/javascripts/admin/api/jobs.ts (1)

78-84: Editorial Correction in JobCreditCostInfo Comment

The comment for the JobCreditCostInfo type now correctly uses "arithmetic" (instead of the previous "arithmetics") when describing that the front-end should not perform any arithmetic operations on the cost value. This refinement improves the documentation clarity.

project/build.properties (1)

1-1: SBT version update looks good.

This update from SBT 1.10.1 to 1.10.11 represents a minor version bump that likely includes bug fixes and performance improvements.

.codespellrc (2)

3-3: Skip pattern addition looks good.

Adding the JSON files in the migration-unified-annotation-versioning directory to the skip list makes sense to avoid false positives in technical content.

6-6: Word addition to ignore list looks good.

Adding 'DoubleClick' to the ignore-words-list is appropriate as it's a valid technical term in UI/UX contexts that might otherwise be flagged as a spelling error.

CHANGELOG.unreleased.md (1)

18-18: Changelog entry is appropriate.

The added entry accurately documents the backend dependency upgrades and properly references the PR number, providing clear information for users about the improvements.

build.sbt (2)

4-4: Scala version update looks good.

Updating from Scala 2.13.14 to 2.13.16 is a minor version bump that should maintain compatibility while providing bug fixes and improvements.

5-5:

✅ Verification successful

Verify Scapegoat compatibility.

The update from Scapegoat 2.1.6 to 3.1.8 is a major version change that might introduce new static analysis rules or change existing ones.

🏁 Script executed:

#!/bin/bash
# Check for any CI build logs that might show Scapegoat-related issues
echo "Checking for any build logs with Scapegoat warnings or errors..."

# Look for Scapegoat configuration to ensure it's compatible with the new version
echo "Checking Scapegoat configuration..."
rg -A 3 "scapegoat" --type scala
rg "scapegoatDisabledInspections" --type sbt

# Check if there are any mentions of Scapegoat in the project plugins
echo "Checking Scapegoat plugin configuration..."
cat project/plugins.sbt | grep -i scapegoat

Length of output: 1428

Scapegoat Compatibility Verified

The Scapegoat upgrade to 3.1.8 in build.sbt appears correctly integrated. The configuration (including settings like scapegoatDisabledInspections and scapegoatIgnoredFiles) remains in place, and the Scapegoat plugin in project/plugins.sbt is still declared appropriately. Please double-check the 3.1.8 release notes to ensure that any newly introduced static analysis rules are adequately managed or explicitly disabled if needed.

project/plugins.sbt (4)

2-2: LGTM - Play SBT plugin updated to 3.0.7

This minor version update to the Play Framework SBT plugin (3.0.5 → 3.0.7) aligns with the corresponding Play dependency update in Dependencies.scala.

11-11: LGTM - Scalafmt plugin updated

This patch version update (2.5.2 → 2.5.4) likely contains bug fixes and improvements.

14-14: LGTM - Scapegoat plugin updated to 1.2.12

This update from version 1.2.4 to 1.2.12 likely includes multiple bug fixes and improvements.

5-5:

✅ Verification successful

Verify compatibility with SBT Buildinfo 0.13.0

This update spans two minor versions (0.11.0 → 0.13.0), which could potentially include breaking changes or new configuration requirements.

🏁 Script executed:

#!/bin/bash
# Check for any breaking changes or migration guides in the sbt-buildinfo releases
echo "Checking for sbt-buildinfo release notes..."
curl -s https://api.github.com/repos/sbt/sbt-buildinfo/releases | jq -r '.[] | select(.tag_name=="v0.13.0" or .tag_name=="v0.12.0") | {version: .tag_name, body: .body}'

Length of output: 1689

SBT Buildinfo 0.13.0 Compatibility Verified

The release notes confirm that v0.13.0 mainly introduces a refactor to remove the deprecated java.net.URL constructor and adds cross-publishing support for both sbt 1.x and sbt 2.x (M2). There are no additional breaking changes or new configuration requirements for sbt 1.x users transitioning from earlier versions. If you are using sbt 2.x, please review the provided migration notes.

project/Dependencies.scala (7)

6-6: LGTM - Brotli library updated

Minor version bump for the Brotli compression library from 1.16.0 to 1.17.0.

12-12: LGTM - Play Framework updated to 3.0.7

This patch version update for Play aligns with the corresponding SBT plugin update in plugins.sbt.

18-18: LGTM - Commons IO updated to 2.17.0

Minor version update for Apache Commons IO from 2.16.1 to 2.17.0.

61-61: Google Cloud Storage updated with successful verification

This update spans three minor versions (2.40.1 → 2.43.1), but the PR description confirms that the functionality was tested: "Tested that we can still load a dataset from Google Cloud Storage".

65-65: LGTM - Commons Compress updated to 1.27.1

Minor version update for Apache Commons Compress from 1.26.1 to 1.27.1.

101-107: LGTM - Slick and PostgreSQL libraries updated

Good practice to update all related Slick libraries (slick, slick-hikaricp, slick-codegen) to the same consistent version 3.5.2. The PostgreSQL driver is also updated to the latest patch version.

20-20:

❓ Verification inconclusive

Verify Commons Lang3 compatibility with 3.17.0

This update spans two minor versions (3.15.0 → 3.17.0), which might include more significant changes.

🏁 Script executed:

#!/bin/bash
# Check for breaking changes in commons-lang3 between versions 3.15.0 and 3.17.0
echo "Checking for Apache Commons Lang3 releases..."
curl -s https://api.github.com/repos/apache/commons-lang/releases | jq -r '.[] | select(.tag_name=="rel/commons-lang-3.17.0" or .tag_name=="rel/commons-lang-3.16.0") | {version: .tag_name, body: .body}'

Length of output: 305

Action: Confirm compatibility of Apache Commons Lang3 3.17.0
I ran the release note query for versions 3.16.0 and 3.17.0, which did not reveal any explicit breaking changes. However, since this update spans from 3.15.0 to 3.17.0, please ensure that your integration and regression tests cover any subtle differences in behavior. If your test suite passes without issues, the upgrade should be safe.

@fm3 fm3 requested a review from frcroth April 7, 2025 14:59
@fm3 fm3 merged commit 20248a8 into master Apr 9, 2025
3 checks passed
@fm3 fm3 deleted the codespell-and-backend-deps branch April 9, 2025 07:43
@coderabbitai coderabbitai bot mentioned this pull request May 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@frcroth frcroth frcroth approved these changes

Assignees

@fm3 fm3

Labels
backend enhancement refactoring
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fm3 @frcroth