Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2ffef053ee
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| # Update version in package.json | ||
| cd ui/desktop | ||
| npm version ${{ inputs.version }} --no-git-tag-version --allow-same-version | ||
| pnpm version ${{ inputs.version }} --no-git-tag-version --allow-same-version |
There was a problem hiding this comment.
When inputs.version is provided, this step calls pnpm version before the workflow activates Hermit (the toolchain setup happens later in the Activate hermit and set CARGO_HOME step), so release/tag builds can fail immediately with pnpm: command not found on runners that do not have pnpm preinstalled. This makes the Linux desktop bundle path depend on runner image state instead of the repo-managed toolchain.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 227e9cf082
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| - name: Install Dependencies | ||
| run: source ../../bin/activate-hermit && npm ci | ||
| run: source ../../bin/activate-hermit && pnpm install --frozen-lockfile |
There was a problem hiding this comment.
The desktop-lint job now installs dependencies from pnpm-lock.yaml (pnpm install --frozen-lockfile), but the guard step still runs check-lockfile-platforms.sh, which is hardcoded to inspect package-lock.json and npm-specific paths (ui/desktop/scripts/check-lockfile-platforms.sh:2-26). This means CI can report the lockfile check as healthy while the actual lockfile used in builds (pnpm-lock.yaml) is never validated, so cross-platform dependency regressions can slip through until later platform-specific bundle jobs fail.
Useful? React with 👍 / 👎.
1 participant
Summary
Type of Change
AI Assistance
Testing
Related Issues
Relates to #ISSUE_ID
Discussion: LINK (if any)
Screenshots/Demos (for UX changes)
Before:
After: