chore(shipjs): updated version

[egordidenko]

Description

Checklist

• Tests (if applicable)
• Documentation (if applicable)
• Changelog stub (or use conventional commit messages)

Summary by CodeRabbit

• Chores
  • Upgraded a core dependency to the latest version, which brings enhanced performance, improved reliability, and access to new enhancements for a smoother user experience.

[coderabbitai]

Walkthrough

The pull request updates the shipjs dependency version in the package.json file for the @uploadcare/file-uploader package. The version is upgraded from ^0.0.8 to ^0.27.0, reflecting an update that likely includes new features, improvements, or bug fixes.

Changes

File(s)	Change Summary
package.json	Updated shipjs dependency from ^0.0.8 to ^0.27.0

Possibly related PRs

• сhore/update-soc-2 #789: Shows a downgrade of the shipjs dependency, highlighting a direct conflict in the versioning approach.

Suggested reviewers

• nd0ut

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• JIRA integration encountered authorization issues. Please disconnect and reconnect the integration in the CodeRabbit UI.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5e261db and 5f6f1bd.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Analyze (javascript)

🔇 Additional comments (2)

package.json (2)

72-72: Update PR description with migration steps.

Since this is a major version update of shipjs (from ^0.0.8 to ^0.27.0), please update the PR description with:

1. Reason for the update
2. Link to the changelog
3. Any breaking changes and required migration steps
4. Verification steps for the release process

---

120-120:

❓ Verification inconclusive

Verify the new shipjs version's compatibility and security.

This is a significant version update from ^0.0.8 to ^0.27.0. Let's verify the version's validity and check for any security concerns.

---

🏁 Script executed:

#!/bin/bash
# Description: Check npm registry for shipjs version info and security advisories

# Check if version exists and get its publish date
npm view [email protected] time.modified

# Check for any security advisories
npm audit [email protected]

Length of output: 438

---

🌐 Web query:

What are the breaking changes between shipjs 0.0.8 and 0.27.0?

💡 Result:

Between shipjs 0.0.8 and shipjs 0.27.0, several breaking changes were introduced:

---

Major Breaking Changes

1. ES Modules & Node.js Requirement (v0.27.0)

   • Code migrated to ES Modules[1][9].
   • Requires Node.js ≥18[1][9].

2. Git Configuration Requirement (v0.25.x)

   • Requires git email and name to be set before using shipjs trigger[1].

3. Monorepo Configuration Changes

   • In v0.23.x: Ship.js now updates versions in monorepo.mainVersionFile instead of monorepo.readVersionFrom[1].
   • In v0.18.x: Fixed incorrect branch handling for mergeStrategy scenarios[1].

4. GitHub Token Enforcement (v0.11.x)

   • GITHUB_TOKEN became mandatory for GitHub operations[1][8].

5. Renamed Configuration Parameters

   • pullRequestReviewer → pullRequestReviewers (array only)[1].
   • pullRequestTeamReviewer → pullRequestTeamReviewers (array only)[1].

6. Deprecated Features

   • Removed mergeStrategy options (toSameBranch, toReleaseBranch) in v0.20.x[1].
   • Removed Slack’s releaseStart notification hook[1].

---

Key Version-Specific Changes

Version	Breaking Change
v0.27.x	ES Modules adoption
v0.23.x	Monorepo version-file logic updated
v0.20.x	Branch filtering required for CI workflows
v0.19.x	Default removal of testCommandBeforeRelease

For detailed migration steps, refer to ShipJS’s changelog[1][9].

Citations:

• 1: https://github.com/algolia/shipjs/blob/main/CHANGELOG.md
• 2: https://classic.yarnpkg.com/en/package/browsertime
• 3: ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-current/pkgsrc/README-all.html
• 4: https://docs.ropensci.org/git2r/news/index.html
• 5: https://supermarket.chef.io/cookbooks/git/versions/10.1.0
• 6: https://android.googlesource.com/platform/external/rust/crates/rusqlite/+/93c8cc61e4753e8db9b57fbc2e3e9274495e9809%5E1..93c8cc61e4753e8db9b57fbc2e3e9274495e9809/
• 7: https://docs.conveyordata.com/release-notes/
• 8: https://cran.r-project.org/web/packages/git2r/news/news.html
• 9: https://github.com/algolia/shipjs/releases
• 10: https://classic.yarnpkg.com/en/package/@apollo/rover

---

Action Required: Verify ShipJS 0.27.0 Upgrade for Compatibility and Security

The dependency update from ShipJS 0.0.8 to 0.27.0 introduces significant changes that may impact the release process. Please address the following:

• ES Modules & Node.js: ShipJS 0.27.0 now uses ES Modules and requires Node.js ≥18. Confirm that the build and release environments are updated accordingly.
• Git Configuration & Environment Changes: The upgrade enforces new Git configuration (e.g., email and name setup) and changes mandatory environment variables (such as requiring a GITHUB_TOKEN). Verify that these adjustments are integrated in your workflow.
• Monorepo and Config Parameter Updates: Note the renaming of configuration fields (e.g., pullRequestReviewer → pullRequestReviewers) and modified monorepo settings. Ensure that any ShipJS-related configuration files and scripts (like the shipjs prepare command on line 72) are updated to reflect these changes.
• Security Audit: The automated npm audit could not run due to a missing lockfile. Please generate a lockfile (using npm i --package-lock-only) and manually verify the security status of ShipJS 0.27.0.

Additionally, update the PR description with detailed migration steps and reference the ShipJS changelog for guidance on breaking changes.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.