chore: bumping expr dependency

[asoorm]

Summary by CodeRabbit

• Chores
  • Updated dependency versions to include latest patches for improved stability.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Updated the indirect dependency github.com/expr-lang/expr from v1.17.6 to v1.17.7 across three Go module files. No configuration changes, control flow modifications, or public API alterations.

Changes

Cohort / File(s)	Summary
Dependency version bump demo/go.mod, router-tests/go.mod, router/go.mod	Bumped github.com/expr-lang/expr indirect dependency from v1.17.6 to v1.17.7

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• chore(demo): update demo module router dependencies #2364: Updates the same github.com/expr-lang/expr dependency in module files, representing a continuation of earlier bulk dependency updates.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title 'bumping expr dependency' directly describes the main change: updating the expr dependency version across multiple go.mod files from v1.17.6 to v1.17.7.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Router-nonroot image scan passed

✅ No security vulnerabilities found in image:

ghcr.io/wundergraph/cosmo/router:sha-ab3a4bc6b1d37403b8b2e8e279112b9e2e9a8e10-nonroot

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between caaf2bd and 302c7eb.

⛔ Files ignored due to path filters (2)

• router-tests/go.sum is excluded by !**/*.sum
• router/go.sum is excluded by !**/*.sum

📒 Files selected for processing (3)

• demo/go.mod (1 hunks)
• router-tests/go.mod (1 hunks)
• router/go.mod (1 hunks)

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-09-24T12:54:00.765Z

Learnt from: endigma
Repo: wundergraph/cosmo PR: 2222
File: router-tests/websocket_test.go:2238-2302
Timestamp: 2025-09-24T12:54:00.765Z
Learning: The wundergraph/cosmo project uses Go 1.25 (Go 1.25 minimum), so fmt.Appendf and other newer Go standard library functions are available and can be used without compatibility concerns.

Applied to files:

• demo/go.mod

📚 Learning: 2025-09-24T12:54:00.765Z

Learnt from: endigma
Repo: wundergraph/cosmo PR: 2222
File: router-tests/websocket_test.go:2238-2302
Timestamp: 2025-09-24T12:54:00.765Z
Learning: The wundergraph/cosmo project uses Go 1.25 (Go 1.23+ minimum), so fmt.Appendf and other newer Go standard library functions are available and can be used without compatibility concerns.

Applied to files:

• demo/go.mod

📚 Learning: 2025-08-20T22:13:25.222Z

Learnt from: StarpTech
Repo: wundergraph/cosmo PR: 2157
File: router-tests/go.mod:16-16
Timestamp: 2025-08-20T22:13:25.222Z
Learning: github.com/mark3labs/mcp-go v0.38.0 has regressions and should not be used in the wundergraph/cosmo project. v0.36.0 is the stable version that should be used across router-tests and other modules.

Applied to files:

• router/go.mod
• router-tests/go.mod

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (12)

• GitHub Check: build-router
• GitHub Check: build_test
• GitHub Check: image_scan (nonroot)
• GitHub Check: integration_test (./events)
• GitHub Check: build_push_image
• GitHub Check: integration_test (./. ./fuzzquery ./lifecycle ./modules)
• GitHub Check: integration_test (./telemetry)
• GitHub Check: image_scan
• GitHub Check: build_push_image (nonroot)
• GitHub Check: build_test
• GitHub Check: Analyze (javascript-typescript)
• GitHub Check: Analyze (go)

🔇 Additional comments (2)

demo/go.mod (1)

57-57: Indirect dependency aligned with direct dependencies.

The indirect dependency update is aligned with the patch bump across all modules.

router-tests/go.mod (1)

73-73: Consistent version update across all modules.

The test module's indirect dependency is updated consistently with the main changes.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 43.69%. Comparing base (caaf2bd) to head (302c7eb).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #2419       +/-   ##
===========================================
- Coverage   90.55%   43.69%   -46.86%     
===========================================
  Files          16      229      +213     
  Lines        3271    23812    +20541     
  Branches      871        0      -871     
===========================================
+ Hits         2962    10405     +7443     
- Misses        309    12320    +12011     
- Partials        0     1087     +1087     

see 245 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Noroth]

LGTM