Skip to content

ci: fix vendoring completely#7328

Merged
BridgeAR merged 4 commits intomasterfrom
BridgeAR/2026-01-23-fix-vendoring-completely
Jan 26, 2026
Merged

ci: fix vendoring completely#7328
BridgeAR merged 4 commits intomasterfrom
BridgeAR/2026-01-23-fix-vendoring-completely

Conversation

@BridgeAR
Copy link
Copy Markdown
Member

@BridgeAR BridgeAR commented Jan 24, 2026

The vendoring still had two issues.

  1. Updated dev dependencies should also run the vendoring, since
    these may change how the bundle is minified. This is not taken
    into account.
  2. The artificat generated was added to the repository. That way
    we actually also added the patch file itself to the repository.
    That works once, while creating the second patch would not
    conflict. This is fixed by generating the file outside of the
    repository and only applying ./vendor as patch.
    The patch file is now ignored, to further mitigate the risk for
    this to happen again in case the code is refactored,

@BridgeAR
ci: fix vendoring completely
d91e711 
The vendoring still had two issues.

1. Updated dev dependencies should also run the vendoring, since
   these may change how the bundle is minified. This is not taken
   into account.
2. The artificat generated was added to the repository. That way
   we actually also added the patch file itself to the repository.
   That works once, while creating the second patch would not
   conflict. This is fixed by generating the file outside of the
   repository and only applying ./vendor as patch.
   The patch file is now ignored, to further mitigate the risk for
   this to happen again in case the code is refactored,
@BridgeAR
chore: fix type error and improve error output while bundling
1d6e7d0
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jan 24, 2026
edited
Loading

Overall package size

Self size: 4.45 MB
Deduped: 5.29 MB
No deduping: 5.29 MB

Dependency sizes | name | version | self size | total size | |------|---------|-----------|------------| | import-in-the-middle | 2.0.3 | 76.87 kB | 808.03 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@codecov
Copy link
Copy Markdown

codecov bot commented Jan 24, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.06%. Comparing base (e6e966d) to head (4aaf00b).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7328      +/-   ##
==========================================
+ Coverage   84.91%   86.06%   +1.14%     
==========================================
  Files         515      515              
  Lines       22221    22221              
==========================================
+ Hits        18870    19125     +255     
+ Misses       3351     3096     -255
Flag Coverage Δ
aiguard-macos 99.09% <ø> (ø)
aiguard-ubuntu 99.09% <ø> (ø)
aiguard-windows 99.09% <ø> (ø)
apm-capabilities-tracing-macos 57.84% <ø> (ø)
apm-capabilities-tracing-ubuntu 57.84% <ø> (ø)
apm-capabilities-tracing-windows 57.45% <ø> (ø)
apm-integrations-child-process 99.19% <ø> (ø)
apm-integrations-couchbase-18 100.00% <ø> (ø)
apm-integrations-couchbase-eol 100.00% <ø> (ø)
appsec-express 62.46% <ø> (ø)
appsec-fastify 58.48% <ø> (ø)
appsec-graphql 53.41% <ø> (ø)
appsec-kafka 43.98% <ø> (ø)
appsec-ldapjs 46.04% <ø> (ø)
appsec-lodash 47.29% <ø> (ø)
appsec-macos ?
appsec-mongodb-core 51.82% <ø> (ø)
appsec-mongoose 50.73% <ø> (ø)
appsec-mysql 54.20% <ø> (ø)
appsec-node-serialize 43.92% <ø> (ø)
appsec-passport 48.10% <ø> (ø)
appsec-postgres 54.55% <ø> (ø)
appsec-sourcing 33.80% <ø> (ø)
appsec-template 43.92% <ø> (ø)
appsec-ubuntu 93.74% <ø> (ø)
appsec-windows 93.74% <ø> (?)
llmobs-ai 52.09% <ø> (ø)
llmobs-anthropic 42.73% <ø> (ø)
llmobs-bedrock 40.06% <ø> (ø)
llmobs-google-genai 45.89% <ø> (ø)
llmobs-langchain 50.15% <ø> (ø)
llmobs-openai 55.62% <ø> (?)
llmobs-vertex-ai 44.48% <ø> (ø)
platform-core 87.23% <ø> (ø)
platform-instrumentations-misc 73.68% <ø> (ø)
platform-shimmer 98.82% <ø> (ø)
platform-unit-guardrails 89.47% <ø> (ø)
profiling-macos 70.74% <ø> (ø)
profiling-ubuntu 70.74% <ø> (ø)
profiling-windows 74.18% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@BridgeAR BridgeAR marked this pull request as ready for review January 24, 2026 13:26
@BridgeAR BridgeAR requested a review from a team as a code owner January 24, 2026 13:26
@pr-commenter
Copy link
Copy Markdown

pr-commenter bot commented Jan 24, 2026
edited
Loading

Benchmarks

Benchmark execution time: 2026-01-26 12:08:37

Comparing candidate commit 4aaf00b in PR branch BridgeAR/2026-01-23-fix-vendoring-completely with baseline commit e6e966d in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 230 metrics, 30 unstable metrics.

@BridgeAR BridgeAR enabled auto-merge (squash) January 26, 2026 11:59
@BridgeAR BridgeAR disabled auto-merge January 26, 2026 11:59
@BridgeAR BridgeAR enabled auto-merge (squash) January 26, 2026 12:00
@datadog-official
Copy link
Copy Markdown

datadog-official bot commented Jan 26, 2026
edited
Loading

⚠️ Tests

Fix all issues with Cursor

⚠️ Warnings

🧪 2 Tests failed

IAST - overhead-controller - integration "after each" hook for "should report vulnerability only in the first request" from vulnerability sampling algorithm (Datadog) (Fix with Cursor) 
Cannot read properties of undefined (reading 'kill')

TypeError: Cannot read properties of undefined (reading 'kill')
    at Context.<anonymous> (packages/dd-trace/test/appsec/iast/overhead-controller.integration.spec.js:27:10)
    at process.processImmediate (node:internal/timers:504:21)
IAST - overhead-controller - integration vulnerability sampling algorithm "before each" hook for "should report vulnerability only in the first request" from vulnerability sampling algorithm (Datadog) (Fix with Cursor) 
Timeout of 5000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/Users/runner/work/dd-trace-js/dd-trace-js/packages/dd-trace/test/appsec/iast/overhead-controller.integration.spec.js)

Error: Timeout of 5000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/Users/runner/work/dd-trace-js/dd-trace-js/packages/dd-trace/test/appsec/iast/overhead-controller.integration.spec.js)
    at listOnTimeout (node:internal/timers:605:17)
    at process.processTimers (node:internal/timers:541:7)

ℹ️ Info

❄️ No new flaky tests detected

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 4aaf00b | Docs | Datadog PR Page | Was this helpful? Give us feedback!

@BridgeAR BridgeAR merged commit 9e11e52 into master Jan 26, 2026
786 of 787 checks passed
@BridgeAR BridgeAR deleted the BridgeAR/2026-01-23-fix-vendoring-completely branch January 26, 2026 12:18
dd-octo-sts bot pushed a commit that referenced this pull request Jan 27, 2026
@BridgeAR @rochdev
ci: fix vendoring completely (#7328)
8de6dbf 
The vendoring still had two issues.

1. Updated dev dependencies should also run the vendoring, since
   these may change how the bundle is minified. This is not taken
   into account.
2. The artifact generated was added to the repository. That way
   we actually also added the patch file itself to the repository.
   That works once, while creating the second patch would not
   conflict. This is fixed by generating the file outside of the
   repository and only applying ./vendor as patch.
   The patch file is now ignored, to further mitigate the risk for
   this to happen again in case the code is refactored,

* chore: fix type error and improve error output while bundling
@dd-octo-sts dd-octo-sts bot mentioned this pull request Jan 27, 2026
Merged
BridgeAR added a commit that referenced this pull request Jan 30, 2026
@BridgeAR
ci: fix vendoring completely (#7328)
f6be24e 
The vendoring still had two issues.

1. Updated dev dependencies should also run the vendoring, since
   these may change how the bundle is minified. This is not taken
   into account.
2. The artifact generated was added to the repository. That way
   we actually also added the patch file itself to the repository.
   That works once, while creating the second patch would not
   conflict. This is fixed by generating the file outside of the
   repository and only applying ./vendor as patch.
   The patch file is now ignored, to further mitigate the risk for
   this to happen again in case the code is refactored,

* chore: fix type error and improve error output while bundling
BridgeAR added a commit that referenced this pull request Feb 22, 2026
@BridgeAR
ci: fix vendoring completely (#7328)
a991125 
The vendoring still had two issues.

1. Updated dev dependencies should also run the vendoring, since
   these may change how the bundle is minified. This is not taken
   into account.
2. The artifact generated was added to the repository. That way
   we actually also added the patch file itself to the repository.
   That works once, while creating the second patch would not
   conflict. This is fixed by generating the file outside of the
   repository and only applying ./vendor as patch.
   The patch file is now ignored, to further mitigate the risk for
   this to happen again in case the code is refactored,

* chore: fix type error and improve error output while bundling
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@watson watson watson approved these changes

Assignees

No one assigned

Labels

semver-patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BridgeAR @watson