Skip to content

deps: update tree-sitter-language-pack requirement from <1.6.3,>=0.6 to >=0.6,<1.12.6#63

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/tree-sitter-language-pack-gte-0.6-and-lt-1.12.6
Open

deps: update tree-sitter-language-pack requirement from <1.6.3,>=0.6 to >=0.6,<1.12.6#63
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/tree-sitter-language-pack-gte-0.6-and-lt-1.12.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown

Updates the requirements on tree-sitter-language-pack to permit the latest version.

Release notes

Sourced from tree-sitter-language-pack's releases.

v1.12.5

Fixed

  • build: build.rs no longer forces spurious rebuilds when the crate is consumed from a registry (crates.io) rather than a git checkout. It skips cargo:rerun-if-changed for the query-overlays directory when it does not exist, skips rerun triggers for parser directories under OUT_DIR, and falls back to CARGO_MANIFEST_DIR when the overlay-directory search walks past the filesystem root. Fixes #159.

Maintenance

  • Bump to 1.12.5 and regenerate all bindings, docs, and e2e suites with alef 0.32.11.
  • Update crossbeam-epoch to 0.9.20 (RUSTSEC-2026-0204).

See CHANGELOG.md for details.

Changelog

Sourced from tree-sitter-language-pack's changelog.

[1.12.5] - 2026-07-07

Fixed

  • build: build.rs no longer forces spurious rebuilds when the crate is consumed from a registry (crates.io) rather than a git checkout. It skips cargo:rerun-if-changed for the query-overlays directory when it does not exist, skips rerun triggers for parser directories that live under OUT_DIR, and falls back to CARGO_MANIFEST_DIR when the overlay-directory search walks past the filesystem root. Previously these emitted rerun triggers on nonexistent or generated paths, so cargo rebuilt the crate on every invocation. Fixes #159.

[1.12.3] - 2026-07-02

Fixed

  • python: get_parser() now returns the installed tree_sitter.Parser instead of a vendored parser class. On Python 3.14 the vendored parser produced unusable trees — nodes exposed no type/children and parse(bytes) raised TypeError — while nothing failed at construction, so the breakage was silent. get_parser(name) now builds tree_sitter.Parser(get_language(name)), mirroring get_language() and working across Python versions. Fixes #157.

Changed

  • deps: upgrade dependencies to their latest versions across every language binding (Rust, Python, Node, Ruby, PHP, Go, Java, C#, Elixir, WASM, Dart, Swift, Zig, Kotlin-Android) and refresh grammar revisions and GitHub Actions pins. On wasm32, getrandom moves to 0.4 with the wasm_js feature.
  • Regenerated all bindings with alef 0.30.10, which corrects the generated Python get_parser return annotation (previously an invalid _rust.Parser that broke import on Python < 3.14).

Fixed

  • wasm: skip the tmux grammar on wasm32. Its generated parser.c is ~30MB — under TSLP_WASM_MAX_PARSER_BYTES (40MB) so the size gate doesn't catch it, but it still overruns the clang wasm backend during codegen. Added to DEFAULT_WASM_SKIP_GRAMMARS so the wasm build is clean; it degrades gracefully (absent from STATIC_LANGUAGES).
  • wasm: enable the getrandom js feature for wasm32-unknown-unknown. Build-dependencies (ureq) transitively depend on getrandom, which requires the js feature on that target; without it wasm32 builds failed with "the wasm*-unknown-unknown targets are not supported by default".
  • build: build.rs now reports failed_languages.txt write errors separately (via eprintln) and always surfaces the underlying grammar compilation error even when the write fails.

[1.12.0] - 2026-06-29

Added

  • prefetch: prefetch(&[&str]) downloads (if needed) and loads every requested grammar in one pass, so a subsequent parallel workload only parses. It probes real on-disk loadability rather than has_language, fixing a short-circuit where known-but-not-downloaded grammars were skipped.

... (truncated)

Commits
  • b6bb82f chore(swift): update Package.swift with checksum for v1.12.5
  • 96b3ded fix(ci): resolve alef 0.32.11 vs poly conflicts and build FFI staticlib for s...
  • bc97ced fix: restore docs/skills dropped by version:sync, complete alef 0.32.11 regen
  • 2944f5f chore(release): 1.12.5
  • b61676f chore: cleanup
  • 95dbd42 fix: avoid spurious rebuilds for registry crates (#159)
  • 24d5919 chore(release): 1.12.4
  • 61d8d0c fix(ci): correct Python sdist smoke test to pass bytes to Parser.parse
  • 8aaf6dc fix(ci): hard-kill runaway tree-sitter generate on timeout
  • cdd15e4 fix(ci): add swap to publish clone-vendors shards to prevent OOM
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [tree-sitter-language-pack](https://github.com/xberg-io/tree-sitter-language-pack) to permit the latest version.
- [Release notes](https://github.com/xberg-io/tree-sitter-language-pack/releases)
- [Changelog](https://github.com/xberg-io/tree-sitter-language-pack/blob/main/CHANGELOG.md)
- [Commits](xberg-io/tree-sitter-language-pack@v0.6.0...v1.12.5)

---
updated-dependencies:
- dependency-name: tree-sitter-language-pack
  dependency-version: 1.12.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 13, 2026
@dependabot dependabot Bot requested a review from Cranot as a code owner July 13, 2026 10:35
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 13, 2026
@github-actions

Copy link
Copy Markdown

Roam Agent Review

Verdict: SAFE (risk_level low)

blast-radius 0/100 · ai-likelihood 14/100 · rule violations 0 · critique high-severity 0

Verdict: SAFE. All structural signals clean at the configured thresholds.

Next steps

  • No structural concerns at the configured thresholds. Standard review still recommended.

Powered by roam-code — Apache 2.0, 100% local. Customize thresholds in .roam/rules.yml. Docs.

@github-actions

Copy link
Copy Markdown

roam-code Analysis

Mode: incremental (changed-only) — base 6327b178c315912f20b6929e8c9d7bdd28da0e3f, 1 changed+dependent files

Health Score: 78/100 FAIR

health: Fair codebase (78/100) — 48 critical, 7 warnings, focus: god_components
pr-risk: Moderate risk (30/100) — review recommended (risk_level medium) (driver: test_coverage_low)

Health Metrics

Metric Value
Health Score 78/100
Tangle Ratio 0%
Propagation Cost 0.0013
Total Issues 65

PR Risk

Metric Value
Risk Score 30/100

Quality Gate: PASSED

Gate expression: health_score>=50

SARIF Upload

Metric Value
Category roam-code-self-analysis/self-analysis/py3.12
Results Uploaded 82
Full analysis output

health

{
  "_meta": {
    "cache_ttl_s": 300,
    "cacheable": true,
    "index_age_s": 4,
    "index_status": {
      "dirty_files": 0,
      "fresh": false,
      "head_commit": "f79929829e90",
      "hint": "index latest commit 6337be9d7025 != HEAD f79929829e90 — git-derived metrics (commits, churn, co-change, weather) may be stale. Run `roam index --force`.",
      "indexed_commit": "6337be9d7025"
    },
    "latency_ms": null,
    "response_tokens": 4088,
    "roam_version": "13.8.0",
    "timestamp": "2026-07-13T10:38:17Z"
  },
  "actionable_count": 15,
  "actionable_cycles": 0,
  "agent_contract": {
    "confidence": null,
    "facts": [
      "Fair codebase (78/100) — 48 critical, 7 warnings, focus: god_components",
      "health score 78",
      "tangle ratio 0.0",
      "0.0013 propagation cost findings",
      "issue count 65"
    ],
    "next_commands": [
      "roam debt",
      "roam trends --days 30"
    ],
    "risks": []
  },
  "algebraic_connectivity": null,
  "algebraic_connectivity_available": false,
  "bottleneck_thresholds": {
    "p70": 935.7,
    "p90": 5275,
    "population": 2294,
    "utility_multiplier": 1.5
  },
  "category_severity": {
    "bottlenecks": {
      "critical": 15,
      "info": 0,
      "warning": 0
    },
    "cycles": {
      "critical": 0,
      "info": 0,
      "warning": 0
    },
    "god_components": {
      "critical": 33,
      "info": 10,
      "warning": 7
    },
    "layer_violations": {
      "critical": 0,
      "info": 0,
      "warning": 0
    }
  },
  "command": "health",
  "cycles_actionable": 0,
  "cycles_total": 17,
  "framework_filtered": 0,
  "health_score": 78,
  "ignored_cycles": 17,
  "imported_coverable_lines": 0,
  "imported_coverage_files": 0,
  "imported_coverage_pct": null,
  "imported_covered_lines": 0,
  "index_status": {
    "dirty_files": 0,
    "fresh": false,
    "head_commit": "f79929829e90",
    "hint": "index latest commit 6337be9d7025 != HEAD f79929829e90 — git-derived metrics (commits, churn, co-change, weather) may be stale. Run `roam index --force`.",
    "indexed_commit": "6337be9d7025"
  },
  "issue_count": 65,
  "list_counts": {
    "bottlenecks": 15,
    "cycle_break_suggestions": 0,
    "cycles": 17,
    "god_components": 50,
    "layer_violations": 0,
    "next_steps": 2,
    "score_breakdown": 5
  },
  "project": "roam-code",
  "propagation_cost": 0.0013,
  "schema": "roam-envelope-v1",
  "schema_version": "1.1.0",
  "severity": {
    "critical": 48,
    "info": 27,
    "warning": 7
  },
  "summary": {
    "actionable_cycles": 0,
    "algebraic_connectivity": null,
    "algebraic_connectivity_available": false,
    "category_severity": {
      "bottlenecks": {
        "critical": 15,
        "info": 0,
        "warning": 0
      },
      "cycles": {
        "critical": 0,
        "info": 0,
        "warning": 0
      },
      "god_components": {
        "critical": 33,
        "info": 10,
        "warning": 7
      },
      "layer_violations": {
        "critical": 0,
        "info": 0,
        "warning": 0
      }
    },
    "cycles_actionable": 0,
    "cycles_definition": "Cycle counts derived from `roam.graph.cycles.find_cycles(G, min_size=2)` on the symbol graph. `cycles_total` = all SCCs of size >= 2; `cycles_actionable` = SCCs spanning >=2 files AND no test files (same-file and test-only cycles are informational). Run `roam health` for the per-cycle breakdown.",
    "cycles_total": 17,
    "detail_available": true,
    "god_components": 50,
    "god_components_definition": "God components: symbols where `(in_degree + out_degree) > 20` from the `graph_metrics` table, with utility-aware severity bands (standard >50=CRITICAL >30=WARNING; utility >150=CRITICAL >90=WARNING). Run `roam health` for the per-symbol breakdown. Legacy aliases: `god_objects` (fingerprint), `god_classes` (rules).",
    "health_score": 78,
    "health_score_definition": "weighted geometric mean (0-100) of 5 sigmoid health factors: tangle_ratio, god_components, bottlenecks, layer_violations, file_health (+coverage if available).",
    "ignored_cycles": 17,
    "imported_coverage_files": 0,
    "imported_coverage_pct": null,
    "issue_count": 65,
    "partial_success": true,
    "preserved_list_truncations": {},
    "propagation_cost": 0.0013,
    "severity": {
      "critical": 48,
      "info": 27,
      "warning": 7
    },
    "tangle_ratio": 0,
    "tangle_ratio_definition": "fraction of symbols inside non-trivial SCCs; higher = more cyclic coupling.",
    "total_cycles": 17,
    "truncated": true,
    "verdict": "Fair codebase (78/100) — 48 critical, 7 warnings, focus: god_components",
    "warnings_out": [
      "health_algebraic_connectivity_warning:RuntimeWarning:algebraic_connectivity compute failed (ModuleNotFoundError): No module named 'numpy'; returning 0.0 sentinel — value is NOT a legitimate disconnected-graph reading"
    ]
  },
  "tangle_ratio": 0,
  "total_cycles": 17,
  "utility_count": 35,
  "version": "13.8.0",
  "warnings_out": [
    "health_algebraic_connectivity_warning:RuntimeWarning:algebraic_connectivity compute failed (ModuleNotFoundError): No module named 'numpy'; returning 0.0 sentinel — value is NOT a legitimate disconnected-graph reading"
  ]
}

pr-risk

{
  "_meta": {
    "cache_ttl_s": 60,
    "cacheable": true,
    "index_age_s": 5,
    "index_status": {
      "dirty_files": 0,
      "fresh": false,
      "head_commit": "f79929829e90",
      "hint": "index latest commit 6337be9d7025 != HEAD f79929829e90 — git-derived metrics (commits, churn, co-change, weather) may be stale. Run `roam index --force`.",
      "indexed_commit": "6337be9d7025"
    },
    "latency_ms": null,
    "response_tokens": 861,
    "roam_version": "13.8.0",
    "timestamp": "2026-07-13T10:38:18Z"
  },
  "actor": null,
  "agent_contract": {
    "confidence": null,
    "facts": [
      "Moderate risk (30/100) — review recommended (risk_level medium) (driver: test_coverage_low)",
      "risk score 30",
      "2 risk rank findings",
      "1 changed files",
      "1 lines added"
    ],
    "next_commands": [],
    "risks": [
      "pr-risk: moderate (30/100) on 6327b178c315912f20b6929e8c9d7bdd28da0e3f..HEAD — driver: test_coverage_low"
    ]
  },
  "author": null,
  "blast_radius_pct": 0,
  "bus_factor_risk": 0,
  "change_shape": "mixed",
  "changed_files": 1,
  "closest_historical_pattern": null,
  "closest_similarity": 0,
  "cluster_spread": 0,
  "clusters_touched": 0,
  "command": "pr-risk",
  "coupling_score": 0,
  "dead_code": [],
  "dead_exports": 0,
  "familiarity": {
    "avg_familiarity": 1,
    "files": [],
    "files_assessed": 0
  },
  "findings": [
    {
      "claim": "pr-risk: moderate (30/100) on 6327b178c315912f20b6929e8c9d7bdd28da0e3f..HEAD — driver: test_coverage_low",
      "confidence": "heuristic",
      "evidence": {
        "actor": null,
        "author": null,
        "blast_radius_pct": 0,
        "bus_factor_risk": 0,
        "changed_files_count": 1,
        "commit_range": "6327b178c315912f20b6929e8c9d7bdd28da0e3f..HEAD",
        "coupling_score": 0,
        "created_at_epoch": 1783939098,
        "diff_id": "81721e058d77",
        "familiarity_risk": 0,
        "file_list": [
          "pyproject.toml"
        ],
        "hotspot_score": 0,
        "label": "6327b178c315912f20b6929e8c9d7bdd28da0e3f..HEAD",
        "lines_added": 1,
        "lines_removed": 1,
        "minor_risk": 0,
        "novelty_score": 0,
        "reductive_change": false,
        "risk_level": "moderate",
        "risk_score": 30,
        "staged": false,
        "test_coverage_pct": 0,
        "top_driver": "test_coverage_low"
      },
      "finding_id_str": "pr-risk:composite-risk-score:81721e058d77",
      "kind": "pr-risk:composite-risk-score",
      "severity": "medium",
      "source_detector": "pr-risk",
      "source_version": "1.0.0",
      "subject_id": null,
      "subject_kind": "commit"
    }
  ],
  "hotspot_score": 0,
  "label": "6327b178c315912f20b6929e8c9d7bdd28da0e3f..HEAD",
  "layer_spread": 0,
  "layers_touched": 0,
  "lines_added": 1,
  "lines_removed": 1,
  "minor_risk": {
    "files": [],
    "files_assessed": 0,
    "minor_files": 0
  },
  "novelty_score": 0,
  "per_file": [
    {
      "blast": 0,
      "churn": 535,
      "is_test": false,
      "lines_added": 1,
      "lines_removed": 1,
      "path": "pyproject.toml",
      "symbols": 0
    }
  ],
  "project": "roam-code",
  "reductive_change": false,
  "reductive_discount_applied": false,
  "risk_level": "moderate",
  "risk_level_canonical": "medium",
  "risk_rank": 2,
  "risk_score": 30,
  "schema": "roam-envelope-v1",
  "schema_version": "1.1.0",
  "suggested_reviewers": [
    {
      "actor": "Cranot",
      "author": "Cranot",
      "lines": 372
    },
    {
      "actor": "dependabot[bot]",
      "author": "dependabot[bot]",
      "lines": 1
    }
  ],
  "summary": {
    "change_shape": "mixed",
    "changed_files": 1,
    "findings_count": 1,
    "lines_added": 1,
    "lines_removed": 1,
    "partial_success": false,
    "risk_level": "moderate",
    "risk_level_canonical": "medium",
    "risk_rank": 2,
    "risk_score": 30,
    "score_classification": "classified",
    "verdict": "Moderate risk (30/100) — review recommended (risk_level medium) (driver: test_coverage_low)"
  },
  "test_coverage_pct": 0,
  "total_clusters": 13021,
  "total_layers": 31,
  "version": "13.8.0",
  "warnings_out": []
}

roam-code analysis | Commands: health pr-risk

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants