Bump @percy/cli from 1.30.6 to 1.31.5#1180
Conversation
dependabot
bot
added
dependencies
|
👋 Thanks for contributing! We will assign a reviewer within the next two weeks. In the meantime, please ensure that:
We'll be in touch! 😊 |
rtibblesbot
left a comment
rtibblesbot
left a comment
There was a problem hiding this comment.
Preliminary Dependency Review
Package: @percy/cli 1.30.6 → 1.31.5
Semver risk: Minor
Dependency type: devDependency
CI status: All substantive checks pass (frontend tests, lint, netlify deploy). The only failing check is "Check if author is contributor" — an org governance workflow expected to fail for dependabot.
Branch status: Stale — PR is 77 days old (created Dec 10, 2025). Automatic rebases were disabled after 30 days.
Preliminary Assessment
This is a low-risk minor bump of a dev-only visual testing CLI tool. The version range in package.json (^1.28.7) already accepts 1.31.x, so this PR only updates the lockfile. Key changes in 1.31.x include async DOM serialization for blob URL handling and lazy-loaded image support — backward compatible per the release notes.
However, the branch is stale (>30 days old). While it remains mergeable and CI passes, the lockfile may not reflect the latest transitive dependency state.
Action needed: A maintainer with push access should run
@dependabot rebaseto refresh this branch, after which a full review can proceed.
@rtibblesbot's comments are generated by an LLM, and should be evaluated accordingly
How was this generated?
Reviewed the pull request diff checking for:
- Correctness: bugs, edge cases, undocumented behavior, resource leaks, hardcoded values
- Design: unnecessary complexity, naming, readability, comment accuracy, redundant state
- Architecture: duplicated concerns, minimal interfaces, composition over inheritance
- Testing: behavior-based assertions, mocks only at hard boundaries, accurate coverage
- Completeness: missing dependencies, unupdated usages, i18n, accessibility, security
- Principles: DRY (same reason to change), SRP, Rule of Three (no premature abstraction)
- Checked CI status and linked issue acceptance criteria
- For UI changes: inspected screenshots for layout, visual completeness, and consistency
|
@dependabot rebase |
Bumps [@percy/cli](https://github.com/percy/cli/tree/HEAD/packages/cli) from 1.30.6 to 1.31.5. - [Release notes](https://github.com/percy/cli/releases) - [Commits](https://github.com/percy/cli/commits/v1.31.5/packages/cli) --- updated-dependencies: - dependency-name: "@percy/cli" dependency-version: 1.31.5 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/percy/cli-1.31.5
branch
from
6a32a79 to
2b78a34
Compare
rtibblesbot
left a comment
rtibblesbot
left a comment
There was a problem hiding this comment.
Low-risk minor bump of @percy/cli (1.30.6 → 1.31.5), devDependency only, lockfile-only change. Branch has been rebased per maintainer request.
CI: Frontend tests, lint, and deploy preview all pass. Percy visual tests are in waiting status — this is expected as it likely requires a Percy token or manual approval to proceed.
1 prior finding(s) resolved. (Stale branch — maintainer ran @dependabot rebase.)
No new issues found.
@rtibblesbot's comments are generated by an LLM, and should be evaluated accordingly
How was this generated?
Compared the current PR state against findings from a prior review:
- Retrieved prior bot reviews deterministically via the GitHub API
- Classified each prior finding as RESOLVED, UNRESOLVED, PARTIALLY_ADDRESSED, or CONTESTED
- Only raised NEW findings for newly introduced code
- Reviewed the pull request diff checking for correctness, design, architecture, testing, completeness, and adherence to DRY/SRP principles
- Checked CI status and linked issue acceptance criteria
2 participants
Bumps @percy/cli from 1.30.6 to 1.31.5.
Release notes
Sourced from
@percy/cli's releases.... (truncated)
Commits
835297c🔖 Release v1.31.5 (#2056)c99f0feBump version to 1.31.5-beta.3 across all packages (#2055)e1d5d3c🔖 Release v1.31.5-beta.2 (#2052)074c9bfBumps version to 1.31.5-beta.1 (#2041)06352b6Release v1.31.5-beta.0 (#2040)ae9af70🔖 v1.31.4 (#2026)a0bd772🔖 v1.31.4-beta.2 (#2025)f277b3d🔖 release v1.31.4-beta.1 (#2022)20314c3Release v1.31.4-beta.0e338d1f🔖 Release v1.31.3 (#2012)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)