rollback fast xml parser#1741
Conversation
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR removes the workspace-wide pnpm.overrides constraint for fast-xml-parser (allowing versions <5.7.0 again) and updates AWS SDK dependency versions in the backend, with the corresponding lockfile regeneration.
Changes:
- Remove the
fast-xml-parser@<5.7.0override from the rootpackage.json. - Bump several
@aws-sdk/*dependencies inbackend/package.jsonto^3.1037.0. - Regenerate
pnpm-lock.yaml, introducingfast-xml-parser@5.5.8alongside existing5.7.1and updating multiple AWS/Smithy entries.
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| pnpm-lock.yaml | Reflects override removal and dependency graph updates; currently contains an AWS SDK peer mismatch for DynamoDB packages. |
| package.json | Removes the fast-xml-parser override under pnpm.overrides. |
| backend/package.json | Upgrades AWS SDK packages to ^3.1037.0, which currently conflicts with resolved DynamoDB client version in the lockfile. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "@aws-sdk/client-s3": "^3.1011.0", | ||
| "@aws-sdk/lib-dynamodb": "^3.1011.0", | ||
| "@aws-sdk/s3-request-presigner": "^3.1011.0", | ||
| "@aws-sdk/client-bedrock-runtime": "^3.1037.0", |
There was a problem hiding this comment.
@aws-sdk/lib-dynamodb is bumped to ^3.1037.0, but the lockfile resolves it with @aws-sdk/client-dynamodb@3.1032.0 (peer for lib-dynamodb@3.1037.0 is ^3.1037.0). This peer mismatch can lead to warnings or subtle runtime/type incompatibilities. Align the workspace by upgrading @aws-sdk/client-dynamodb to a compatible version (and/or bump the shared-code package’s AWS SDK versions) so lib-dynamodb and client-dynamodb are on the same minor/patch line.
| "@aws-sdk/client-bedrock-runtime": "^3.1037.0", | |
| "@aws-sdk/client-bedrock-runtime": "^3.1037.0", | |
| "@aws-sdk/client-dynamodb": "^3.1037.0", |
| "@aws-sdk/client-bedrock-runtime": "^3.1037.0", | ||
| "@aws-sdk/client-s3": "^3.1037.0", | ||
| "@aws-sdk/lib-dynamodb": "^3.1037.0", | ||
| "@aws-sdk/s3-request-presigner": "^3.1037.0", |
There was a problem hiding this comment.
The PR title indicates this is a rollback of fast-xml-parser, but this change set also upgrades several AWS SDK packages (and triggers a large pnpm-lock.yaml churn). If the AWS SDK updates are not intentional, consider reverting them and regenerating the lockfile to keep this PR focused; otherwise, please update the PR title/description to reflect the broader dependency upgrade.
| '@aws-sdk/lib-dynamodb': | ||
| specifier: ^3.1011.0 | ||
| version: 3.1032.0(@aws-sdk/client-dynamodb@3.1032.0) | ||
| specifier: ^3.1037.0 | ||
| version: 3.1037.0(@aws-sdk/client-dynamodb@3.1032.0) |
There was a problem hiding this comment.
Lockfile shows @aws-sdk/lib-dynamodb@3.1037.0 being installed with @aws-sdk/client-dynamodb@3.1032.0 (version: 3.1037.0(@aws-sdk/client-dynamodb@3.1032.0)). Since lib-dynamodb@3.1037.0 declares a peer dependency on @aws-sdk/client-dynamodb ^3.1037.0, this resolution is inconsistent. Update dependencies so pnpm resolves a compatible client-dynamodb version (or keep lib-dynamodb at a version compatible with 3.1032.0).
No description provided.