Skip to content

Release: merge release/solid-logic-202603192325 into main#220

Open
bourgeoa wants to merge 1 commit intomainfrom
release/solid-logic-202603192325
Open

Release: merge release/solid-logic-202603192325 into main#220
bourgeoa wants to merge 1 commit intomainfrom
release/solid-logic-202603192325

Conversation

@bourgeoa
Copy link
Contributor

@bourgeoa bourgeoa commented Mar 19, 2026

Automated stable release preparation.

Copilot AI review requested due to automatic review settings March 19, 2026 23:26
Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Automated stable release merge that adjusts dependency constraints for SolidOS’s solid-logic package and refreshes the npm lockfile accordingly.

Changes:

  • Pin solid-namespace to 0.5.4 (was ^0.5.4).
  • Bump rdflib peer dependency from ^2.3.5 to ^2.3.6.
  • Update package-lock.json to reflect the above, including transitive updates (notably n3 to 2.0.3).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments.

File Description
package.json Pins solid-namespace and raises the minimum rdflib peer version.
package-lock.json Updates lockfile to match dependency/peerDependency changes and new transitive resolutions.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

package.json
"dependencies": {
"@inrupt/solid-client-authn-browser": "^3.1.1",
"solid-namespace": "^0.5.4"
"solid-namespace": "0.5.4"
Copy link

Copilot AI Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All other dependencies in this package.json use caret ranges, but solid-namespace is now pinned to an exact version. This will prevent consumers from receiving patch updates (including security fixes) automatically. If there's no specific reason to pin, switch back to a range (e.g., ^0.5.4); if pinning is intentional, consider documenting the rationale (or using an override/resolution if the goal is to constrain a transitive dependency).

Suggested change
"solid-namespace": "0.5.4"
"solid-namespace": "^0.5.4"

Copilot uses AI. Check for mistakes.
package.json
},
"peerDependencies": {
"rdflib": "^2.3.5"
"rdflib": "^2.3.6"
Copy link

Copilot AI Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bumping the minimum rdflib peer dependency from ^2.3.5 to ^2.3.6 is a compatibility contract change for downstream consumers who currently use 2.3.5. If 2.3.5 is still compatible, consider widening the range to include it; otherwise, ensure this peer requirement change is reflected in the release versioning/changelog as appropriate.

Suggested change
"rdflib": "^2.3.6"
"rdflib": "^2.3.5"

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bourgeoa