fix(release): include lockfile changes in has_changes()#4020
Closed
Will-hxw wants to merge 1 commit intomodelcontextprotocol:mainfrom
Closed
fix(release): include lockfile changes in has_changes()#4020Will-hxw wants to merge 1 commit intomodelcontextprotocol:mainfrom
Will-hxw wants to merge 1 commit intomodelcontextprotocol:mainfrom
Conversation
has_changes() only considered .py and .ts files, causing packages with only lockfile changes to be skipped during version bump. Now also checks for common lockfile names: uv.lock, package-lock.json, pnpm-lock.yaml, yarn.lock. Fixes #3870
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
has_changes()inscripts/release.pynow also checks for lockfile changes (uv.lock,package-lock.json,pnpm-lock.yaml,yarn.lock) in addition to.pyand.tsfilesWhy
Issue #3870: When a package only has lockfile changes between release tags,
has_changes()returnedFalsebecause it only checked.pyand.tssuffixes. This causedpyproject.tomlversions to be skipped during version bump (e.g.,src/git/stayed at0.6.2instead of the CalVer tag), breaking SBOM/CVE scanners that key off the version field.Fix
Validation
scripts/release.py), no runtime code changesRelated
🤖 Generated with Claude Code