chore: update CI sample update script

[ymc9]

Summary by CodeRabbit

• Chores
  • Updated package update workflow to reference latest versions instead of pre-release versions.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

Updated the GitHub Actions workflow to reference the latest package tag instead of the next tag, modifying step names, npm install commands, and commit messages accordingly.

Changes

Cohort / File(s)	Summary
Workflow tag reference updates .github/workflows/update-samples.yml	Changed package tag references from @next to @latest across step names, loop comments, npm install commands, and commit messages

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• chore: add sample update workflow #353 — Modifies the same workflow file and updates the package install step tag references
• chore: fix sample update workflow #355 — Updates the same workflow file but targets changes to the generation command execution

Poem

🐰 Hopping through workflows with glee,
From "next" to "latest," we now see,
Fresh packages in place,
At a swifter pace,
The most current release—that's the key! ✨

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/ci-sample-update

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6891412 and 8181499.

📒 Files selected for processing (1)

• .github/workflows/update-samples.yml

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude finished @ymc9's task —— View job

---

Code Review for CI Sample Update Script

Review Checklist:

• Read and analyze the workflow file changes
• Check for code quality and best practices
• Identify potential bugs or issues
• Assess performance considerations
• Review security concerns
• Evaluate test coverage implications

Summary

This PR updates the CI workflow to use @latest instead of @next for @zenstackhq package updates in sample repositories. The changes are straightforward and well-executed.

Review Findings

✅ Code Quality & Best Practices

• Clean implementation: The changes are minimal and focused, updating only the necessary strings
• Consistent naming: All references (step name, comments, npm install commands, commit message) are updated consistently
• Clear intent: The change from @next to @latest is semantically correct for stable releases

✅ No Bugs or Issues Identified

• The workflow logic remains sound
• Conditional execution (if: steps.check-package.outputs.exists == 'true') is preserved
• Error handling and empty package checks are maintained
• Git operations follow proper practices with user configuration

✅ Performance Considerations

• No performance impact: The change doesn't affect workflow execution time
• Efficient package detection: Uses jq for JSON parsing which is appropriate
• Matrix strategy: Properly uses fail-fast: false to allow independent repo updates

✅ Security Assessment

• Token usage: Properly uses secrets.PAT_TOKEN for authentication
• Permissions: Maintains minimal contents: read permissions for the main job
• Git configuration: Uses appropriate bot credentials for commits
• No sensitive data exposure: Workflow doesn't leak sensitive information

✅ Workflow Robustness

• Conditional execution: Only runs when repos are found (if: ${{ needs.update-samples.outputs.repos != '[]' }})
• Package existence check: Validates package.json exists before Node.js operations
• Change detection: Only commits when actual changes are detected
• Proper error handling: Each step can fail independently without breaking the entire workflow

Recommendation

✅ APPROVE - This is a well-implemented change that correctly updates the workflow to use stable releases instead of pre-release versions. The implementation is thorough, consistent, and maintains all existing safeguards.

The change aligns with typical release workflows where sample repositories should track stable releases rather than pre-release versions, ensuring users get working examples with tested functionality.

---

[Copilot]

Pull request overview

This PR updates the CI workflow for sample repositories to use the "latest" npm distribution tag instead of "next" when updating @zenstackhq packages. This is a straightforward refactoring that changes the target version for automated package updates.

• Changed npm install commands from @next to @latest tag
• Updated all associated comments, step names, and commit messages for consistency

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.