Skip to content

release: v2.6.8 (#1142) #1143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 30, 2025
Merged

release: v2.6.8 (#1142) #1143

merged 2 commits into from
Sep 30, 2025

Conversation

@transphorm
Copy link
Member

@transphorm transphorm commented Sep 30, 2025
edited by coderabbitai bot
Loading

  • update readme

  • fix ios deploy pipeline

  • kick off during staging merge

Summary by CodeRabbit

  • Documentation

    • README updated to add Aadhaar support, expanded FAQ/coverage details, and refreshed project ideas.

  • Chores

    • CI/workflows standardized caching, added internal repo authentication, updated deploy triggers and added CI triggers for the mobile SDK package.
    • Android demo build environment updated (NDK version bump).

  • Breaking Changes

    • SDK: analytics tracking is now synchronous; a previously exposed proving state field has been removed.

@transphorm
fix ios deploy workflow for v2.6.8 (#1142)
cac9659 
* update readme

* fix ios deploy pipeline

* kick off during staging merge
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 30, 2025
edited
Loading

Walkthrough

Updates CI/CD workflows to add staging triggers, standardize gem caching around Gemfile.lock with a consolidated cache-version, and inject SELFXYZ_INTERNAL_REPO_PAT for authenticated internal repo access. Docs updated to add Aadhaar; mobile SDK alpha API/state and an Android NDK version bump were also changed.

Changes

Cohort / File(s) Summary of Changes
Auto-deploy workflow
.github/workflows/mobile-deploy-auto.yml		 Trigger branches changed to include staging; deployment track mapping updated so staging maps to internal testing while main remains production.
Mobile deploy workflow (caching & auth)
.github/workflows/mobile-deploy.yml		 Replaced multi-key restore approach with lock-file: app/Gemfile.lock + consolidated cache-version; added SELFXYZ_INTERNAL_REPO_PAT env to iOS/Android dependency steps; unified gem cache handling across iOS/Android.
E2E / demo CI workflows
.github/workflows/mobile-e2e.yml, .github/workflows/mobile-sdk-demo-ci.yml		 Added path filters for packages/mobile-sdk-alpha/** to pull_request triggers so changes in the alpha package run CI/E2E.
Docs
README.md		 Added Aadhaar to supported documents and FAQ; updated coverage/FAQ wording and project idea examples.
Mobile SDK (API)
packages/mobile-sdk-alpha/src/client.ts		 trackEvent changed from async Promise<void> to synchronous void; internal adapter reference switched to _adapters.analytics and call no longer returns a promise (public API signature changed).
State initialization
packages/mobile-sdk-alpha/src/proving/provingMachine.ts		 Removed selfApp field from the exported/initial ProvingState (no longer initialized in the store return).
Android demo build
packages/mobile-sdk-demo/android/build.gradle		 Bumped ndkVersion in buildscript ext from 27.0.1171801427.0.12077973.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev
  participant GH as GitHub Actions
  participant Cache as Cache Service
  participant iOS as iOS Build Steps
  participant Android as Android Build Steps
  participant Internal as Internal Repo (PAT)

  Dev->>GH: Push to staging or main
  alt push to staging
    GH->>GH: Trigger mobile-deploy-auto.yml (staging)
    GH->>iOS: Run iOS build steps (uses SELFXYZ_INTERNAL_REPO_PAT)
    iOS->>Cache: Restore gems via Gemfile.lock + cache-version
    GH->>Android: Run Android install deps (uses SELFXYZ_INTERNAL_REPO_PAT)
    Android->>Cache: Restore gems via Gemfile.lock + cache-version
    GH->>GH: Deploy to internal testing track
  else push to main
    GH->>GH: Trigger mobile-deploy-auto.yml (main)
    GH->>iOS: Build + deps (PAT + cache)
    GH->>Android: Build + deps (PAT + cache)
    GH->>GH: Deploy to production track
  end
  Note over Cache: Single-source cache key derived from Gemfile.lock + cache-version
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Suggested labels

codex

Suggested reviewers

  • remicolin
  • aaronmgdr
  • shazarre

Poem

Staging wakes, the CI fleet sings,
Locks and caches tighten strings.
PATs open the private gate,
Docs now list Aadhaar on the slate.
Small edits hum — builds align, deploys take flight.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
Title Check ❓ Inconclusive The provided title “release: v2.6.8 (#1142)” is too generic and only indicates a version bump without summarizing the key changes such as the README updates, iOS pipeline fixes, and staging merge triggers, so it does not clearly convey the primary purpose of this pull request. Please revise the title to succinctly reflect the main changes—such as fixing the iOS deploy pipeline, updating documentation, and enabling staging triggers for version 2.6.8—so reviewers can immediately grasp the PR’s intent.
✅ Passed checks (1 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dev

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🧪 Early access (Sonnet 4.5): enabled

We are currently testing the Sonnet 4.5 model, which is expected to improve code review quality. However, this model may lead to increased noise levels in the review comments. Please disable the early access features if the noise level causes any inconvenience.

Note:

  • Public repositories are always opted into early access features.
  • You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Sep 30, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
README.md (1)

23-23: Consider adjusting heading hierarchy for better document structure.

The heading jumps from h2 to h4, which can impact accessibility and document navigation. Consider changing #### Is my document supported? to ### Is my document supported? (using h3 instead of h4).

As per static analysis tools (markdownlint).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8b164eb and cac9659.

📒 Files selected for processing (3)
  • .github/workflows/mobile-deploy-auto.yml (2 hunks)
  • .github/workflows/mobile-deploy.yml (3 hunks)
  • README.md (3 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
.github/workflows/**/*.{yml,yaml}

📄 CodeRabbit inference engine (AGENTS.md)

.github/workflows/**/*.{yml,yaml}: In GitHub Actions workflows, use shared composite caching actions from .github/actions (cache-yarn, cache-bundler, cache-gradle, cache-pods)
Do not call actions/cache directly; rely on the shared composite caching actions
When using cache actions, optionally pass cache-version (often with GH_CACHE_VERSION and tool version) for stable keys

Files:

  • .github/workflows/mobile-deploy-auto.yml
  • .github/workflows/mobile-deploy.yml
🪛 markdownlint-cli2 (0.18.1)
README.md

23-23: Heading levels should only increment by one level at a time
Expected: h3; Actual: h4

(MD001, heading-increment)

🔇 Additional comments (4)
.github/workflows/mobile-deploy-auto.yml (1)

6-6: LGTM! Branch trigger aligned with deployment strategy.

The workflow now correctly triggers on staging merges and maps staging to internal testing track. This aligns with the PR objective to fix the iOS deploy workflow.

Also applies to: 49-52

.github/workflows/mobile-deploy.yml (3)

180-181: LGTM! Caching refactored to use lock-file approach.

The switch from key/restore-keys to lock-file-based caching with app/Gemfile.lock simplifies cache configuration and aligns with the coding guidelines for using shared composite actions.

As per coding guidelines.

729-730: LGTM! Android gems caching consistent with iOS approach.

The caching configuration matches the iOS implementation, providing consistency across both platforms.

As per coding guidelines.

232-232: Ensure SELFXYZ_INTERNAL_REPO_PAT has minimal required scopes
This token is used in your GitHub Actions workflow, iOS Podfile, Android CI build script, and setup-private-modules script to clone private repos—verify it’s scoped to only what’s needed (e.g. read-only contents: read and, if applicable, packages: read) with no extra permissions.

@transphorm transphorm changed the title fix ios deploy workflow for v2.6.8 (#1142) ios test build for v2.6.8 (#1142) Sep 30, 2025
@transphorm
small tweaks to bump build v2.6.8 (#1144)
9ebb916 
* small tweaks to bump build

* also run mobile e2e and mobile sdk changes

* run mobile demo on sdk changes
coderabbitai[bot]
coderabbitai bot reviewed Sep 30, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
packages/mobile-sdk-alpha/src/client.ts (1)

121-126: Document synchronous, fire-and-forget behavior of trackEvent
trackEvent now matches the AnalyticsAdapter signature by returning void and never throws; no callers await it. Add a brief JSDoc above this method to explain that it’s intentionally fire-and-forget and any adapter errors aren’t propagated.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cac9659 and 9ebb916.

📒 Files selected for processing (5)
  • .github/workflows/mobile-e2e.yml (1 hunks)
  • .github/workflows/mobile-sdk-demo-ci.yml (1 hunks)
  • packages/mobile-sdk-alpha/src/client.ts (1 hunks)
  • packages/mobile-sdk-alpha/src/proving/provingMachine.ts (0 hunks)
  • packages/mobile-sdk-demo/android/build.gradle (1 hunks)
💤 Files with no reviewable changes (1)
  • packages/mobile-sdk-alpha/src/proving/provingMachine.ts
✅ Files skipped from review due to trivial changes (1)
  • .github/workflows/mobile-e2e.yml
🧰 Additional context used
📓 Path-based instructions (4)
packages/mobile-sdk-alpha/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.{ts,tsx}: Use strict TypeScript type checking across the codebase
Follow ESLint TypeScript-specific rules
Avoid introducing circular dependencies

Files:

  • packages/mobile-sdk-alpha/src/client.ts
**/*.{js,ts,tsx,jsx,sol,nr}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,ts,tsx,jsx,sol,nr}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

  • packages/mobile-sdk-alpha/src/client.ts
packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}: Review alpha mobile SDK code for:

  • API consistency with core SDK
  • Platform-neutral abstractions
  • Performance considerations
  • Clear experimental notes or TODOs

Files:

  • packages/mobile-sdk-alpha/src/client.ts
.github/workflows/**/*.{yml,yaml}

📄 CodeRabbit inference engine (AGENTS.md)

.github/workflows/**/*.{yml,yaml}: In GitHub Actions workflows, use shared composite caching actions from .github/actions (cache-yarn, cache-bundler, cache-gradle, cache-pods)
Do not call actions/cache directly; rely on the shared composite caching actions
When using cache actions, optionally pass cache-version (often with GH_CACHE_VERSION and tool version) for stable keys

Files:

  • .github/workflows/mobile-sdk-demo-ci.yml
🧬 Code graph analysis (1)
packages/mobile-sdk-alpha/src/client.ts (2)
packages/mobile-sdk-alpha/src/index.ts (1)
  • TrackEventParams (27-27)
packages/mobile-sdk-alpha/src/types/public.ts (1)
  • TrackEventParams (60-65)
⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: android-build-test
  • GitHub Check: analyze-ios
  • GitHub Check: analyze-android
  • GitHub Check: e2e-ios
  • GitHub Check: build-deps
🔇 Additional comments (1)
packages/mobile-sdk-demo/android/build.gradle (1)

7-7: Approve NDK revision bump to 27.0.12077973 – confirmed this release exists in the official NDK Revision History and no security advisories were found.

@transphorm transphorm changed the title ios test build for v2.6.8 (#1142) release: v2.6.8 (#1142) Sep 30, 2025
@transphorm transphorm merged commit a09ff23 into staging Sep 30, 2025
32 checks passed
@coderabbitai coderabbitai bot mentioned this pull request Sep 30, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@remicolin remicolin Awaiting requested review from remicolin

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@transphorm