chore(deps): remove unused @opentelemetry/exporter-jaeger#79
Conversation
Package was never imported in source code. Removing it eliminates dead weight and closes the stale Dependabot PR #74 cleanly. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning
|
| Cohort / File(s) | Summary |
|---|---|
Dependency updates package.json |
Bumped @supabase/ssr from ^0.9.0 → ^0.10.2; removed @opentelemetry/exporter-jaeger from devDependencies. No code or public API changes. |
CI workflow .github/workflows/ci.yml |
Upgraded Node.js runtime in jobs from 22 → 24, added npm install -g npm@11 before npm ci, removed key-length logging and hardcoded JWT fallbacks, and changed Supabase key extraction to error and exit (hard failure) when keys are empty. |
Docs/formatting CLAUDE.md |
Minor whitespace/blank-line adjustments in "Active Technologies" and "Recent Changes"; no content changes. |
Estimated code review effort
🎯 3 (Moderate) | ⏱️ ~20 minutes
Poem
🐰 I hopped through deps and CI logs bright,
Bumped a package, set Node to light,
Keys now stern — they must appear,
I nibble code and twitch my ear. 🥕
🚥 Pre-merge checks | ✅ 2 | ❌ 3
❌ Failed checks (2 warnings, 1 inconclusive)
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Linked Issues check | Issue #77 (upgrade @supabase/ssr) is addressed; however, Issue #74 (upgrade @opentelemetry/exporter-jaeger to 2.7.0) is resolved by removing the package instead, which contradicts the issue's upgrade requirement. |
Clarify whether removing @opentelemetry/exporter-jaeger entirely was intentional and aligns with issue #74's objectives, or if the package should have been upgraded instead. |
|
| Out of Scope Changes check | Changes to .github/workflows/ci.yml (Node.js 22→24, npm upgrade, hardened key extraction) and CLAUDE.md whitespace are outside the scope of issues #74 (upgrade exporter-jaeger) and #77 (upgrade @supabase/ssr). |
Either align workflow and documentation changes with explicit objectives or defer them to separate PRs focused on CI/documentation updates. | |
| Description check | ❓ Inconclusive | The description covers the root cause, lists key changes, and identifies closed issues, but does not follow the repository's template structure with Type of Change, Related Documents, or Checklist sections. | Consider restructuring the description to match the repository template by adding Type of Change (chore/ci), Related Documents section, and completing the Checklist items. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title accurately and concisely summarizes the primary change: removal of the unused @opentelemetry/exporter-jaeger dev dependency, matching the main focus of the changeset. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
✏️ Tip: You can configure your own custom pre-merge checks in the settings.
✨ Finishing Touches
🧪 Generate unit tests (beta)
- Create PR with unit tests
- Commit unit tests in branch
chore/remove-unused-jaeger-dep
Comment @coderabbitai help to get the list of available commands and usage tips.
- node-version 22 → 24 (Node 24 LTS, latest stable) - Add 'npm install -g npm@11' in all 3 jobs to match local dev environment (npm 10 vs npm 11 generate incompatible lockfiles — deduplication differs) - Remove hardcoded Supabase demo JWT fallbacks (CWE-321); fail explicitly instead if supabase status does not return keys (supabase CLI ≥ v1.23 always returns keys after supabase start succeeds) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)
27-29: Consider DRY-ing repeated npm upgrade steps.The same
Upgrade npmstep is duplicated in three jobs. Optional cleanup: extract this setup into a reusable workflow or YAML anchor to reduce maintenance overhead.Also applies to: 60-62, 95-97
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/ci.yml around lines 27 - 29, The "Upgrade npm" step is duplicated across three jobs in the CI workflow; replace the repeated step named "Upgrade npm" (the `npm install -g npm@11` step) with a single reusable definition—either extract it into a reusable workflow called by each job or define a YAML anchor/alias for the step and reference that anchor in each job—to avoid repetition and centralize updates.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 27-29: The "Upgrade npm" step is duplicated across three jobs in
the CI workflow; replace the repeated step named "Upgrade npm" (the `npm install
-g npm@11` step) with a single reusable definition—either extract it into a
reusable workflow called by each job or define a YAML anchor/alias for the step
and reference that anchor in each job—to avoid repetition and centralize
updates.
CLAUDE.md was previously gitignored; now tracked, prettier check in CI catches formatting issues. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
Root cause of both PRs failing: Dependabot updates
package.jsonbut provides an incomplete lockfile — new transitive deps (magicast@0.3.5, new@opentelemetry/*versions,protobufjs@8.0.1) were missing, causingnpm cito fail with EUSAGE.Changes
@opentelemetry/exporter-jaeger(devDep) — was never imported anywhere insrc/. Dead weight eliminated.@supabase/ssr0.9.0 → 0.10.2 — minor bump, lockfile fully regenerated withnpm install.Closes #74
Closes #77
Test plan
npm run lint— 0 errorsnpm run typecheck— 0 errors🤖 Generated with Claude Code
Summary by CodeRabbit