chore: merge main into dependency-cooldown branch and fix audit vulnerabilities#97
Draft
Copilot wants to merge 13 commits intoclaude/dependency-breach-cooldown-bagsGfrom
Draft
Conversation
zghalintで確立した設定とスキルをreview-codecommit向けに適応して移植: - settings.json: effortLevel, language, SessionStartフック(bun install), permissions - update-plan skill: プランモード検証スキル(既存update-designの10カテゴリ評価を流用) https://claude.ai/code/session_01A8TVGsDKAQwp8GJnDiP9B5
Add design document for line number gutter display and ]c/[c change navigation. Covers component design, state transitions, edge cases, TDD strategy, and consistency checks against existing design docs. https://claude.ai/code/session_019VGi6GMhSS1eT3HbDbCPzd
Address 6 review findings (2 P1, 4 P2): - P1: Fix formatGutter truthiness check to use !== undefined - P1: Add pendingBracket visual feedback design in footer - P2: Document n/N vs ]c/[c wrap-around behavior difference - P2: Add timeout-less UX impact analysis for 2-key sequence - P2: Add commit view line number gutter to edge case table - P2: Add roadmap.md update to out-of-scope section https://claude.ai/code/session_015NbnHYsXMH45WpAakjZoki
Add before/after line numbers to add, delete, and context diff lines using a dimColor gutter format (e.g. " 3 4 │ "). Header and comment lines are unaffected. https://claude.ai/code/session_015NbnHYsXMH45WpAakjZoki
Add Vim-style ]c (next change) and [c (previous change) keybindings to jump between add/delete lines in the PR detail diff view. Uses a pendingBracket state for 2-key sequence handling with visual feedback in the footer. https://claude.ai/code/session_015NbnHYsXMH45WpAakjZoki
Update requirements.md, roadmap.md, README.md, and design doc to reflect the implemented line number gutter and ]c/[c change line jump features. https://claude.ai/code/session_015NbnHYsXMH45WpAakjZoki
Add overrides for smol-toml (>=1.6.1), vite (>=7.3.2), and picomatch (>=4.0.4) to fix 8 audit vulnerabilities (4 high, 4 moderate). Create bunfig.toml with minimumReleaseAge=604800 (7 days) as supply chain attack mitigation. https://claude.ai/code/session_01MyQde86BJvKTRRWRCumL5j
Co-authored-by: watany-dev <76135106+watany-dev@users.noreply.github.com>
Agent-Logs-Url: https://github.com/watany-dev/review-codecommit/sessions/2b66be8f-e9cf-4296-b8fa-b101d7975d15 Co-authored-by: watany-dev <76135106+watany-dev@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
watany-dev
April 30, 2026 08:03
View session
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR #92 had merge conflicts with
main(which had advanced through PRs #93–#96) and two new audit vulnerabilities surfaced after the merge.Conflict resolution
bunfig.toml: keptminimumReleaseAgeExcludesfrommainalongside the existingminimumReleaseAge = 604800package.json/bun.lock: mergedviteoverride frommainwithsmol-tomlandpicomatchoverrides from the PR branchAudit fixes
Two vulnerabilities exposed after the merge:
fast-xml-parser— bumped override floor from>=5.5.7→>=5.7.0(GHSA-gh4j-gqv2-49f6)postcss— added override>=8.5.10(GHSA-qx2v-qp2m-jg93)