feat/uis-package-bump-automation

[Frederick-88]

related PRs = https://github.com/InjectiveLabs/injective-uis/pull/21

Summary by CodeRabbit

• Chores
  • Updated the automated package bump workflow to include an additional downstream app target.
  • The new bump job runs on a fresh Ubuntu environment and uses the shared package-bump action, with a post-install command set to keep UI packages in sync.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: aa4b45e1-1652-4d2d-9b9d-c5e032992fc8

📥 Commits

Reviewing files that changed from the base of the PR and between 8525964 and c241e80.

📒 Files selected for processing (1)

• .github/workflows/package-bump.yaml

---

📝 Walkthrough

Walkthrough

The workflow adds a new package-bump-uis job. It runs on ubuntu-latest, uses the shared package-bump action for injective-uis on the dev branch, passes secrets.UIS_GH_TOKEN, and runs pnpm update:injectivelabs as the post-install command.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is related to the change but reads like a branch name and is too vague to describe the actual automation added.	Rename it to describe the main change, such as adding UIS package-bump automation to the workflow.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/uis-package-bump-automation

---

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/package-bump.yaml:
- Line 150: The package-bump workflow is using a mutable action reference, which
should be locked down for supply-chain safety. Update the
`InjectiveLabs/github-fe/actions/package-bump` usage in the workflow to
reference a full commit SHA instead of `@master`, and keep the action reference
pinned in that step so it cannot drift unexpectedly.
- Around line 144-148: The package-bump-uis job is currently configured to run
independently, unlike the other bump jobs in the workflow. Update the
package-bump-uis job in package-bump.yaml to declare a dependency on
package-bump-layer using the same job naming convention already used by the
surrounding jobs, so the sequencing matches the cross-repo bump flow.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 06a1cc79-f9ab-47f3-8e1e-bba14e8788a7

📥 Commits

Reviewing files that changed from the base of the PR and between 5f79a97 and 8525964.

📒 Files selected for processing (1)

• .github/workflows/package-bump.yaml