KEMBAR78
Build system: revert dependabot updates, use browserstack's action by dgirardi · Pull Request #14026 · prebid/Prebid.js · GitHub
Skip to content

Build system: revert dependabot updates, use browserstack's action #14026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Oct 17, 2025
Merged

Build system: revert dependabot updates, use browserstack's action #14026

merged 15 commits into from
Oct 17, 2025

Conversation

@dgirardi
Copy link
Collaborator

@dgirardi dgirardi commented Oct 16, 2025
edited
Loading

Type of change

  • Build related changes

Description of change

  • update the browserstackLocal logic to use the actions vended by browserstack
  • revert package and package-lock to fb3f801 (the last dependency update that was not triggered by dependabot). I am not sure what dependency can be the culprit, but this revert produced the first test run in a while that doesn't fail due to connectivity issues (https://github.com/dgirardi/Prebid.js/actions/runs/18570283238/job/52942298282)
  • limit dependabot to security updates only

zach-bowman-yahooinc added a commit to zach-bowman-yahooinc/Prebid.js that referenced this pull request Oct 16, 2025
@zach-bowman-yahooinc
Build system: adjust Karma timeout settings
3b5de69 
Reduce browserDisconnectTimeout from 100s to 20s and browserNoActivityTimeout
from 100s to 30s. Increase browserDisconnectTolerance from 1 to 3 to improve
test stability.

Based on changes from prebid#14026
@dgirardi dgirardi changed the title Build system: adjust karma timeouts Build system: revert dependabot updates, use browserstack's action Oct 16, 2025
@coveralls
Copy link
Collaborator

coveralls commented Oct 16, 2025
edited
Loading

Pull Request Test Coverage Report for Build 18595269197

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 28 unchanged lines in 12 files lost coverage.
  • Overall coverage decreased (-0.01%) to 96.228%
Files with Coverage Reduction New Missed Lines %
libraries/userAgentUtils/index.js 1 96.0%
modules/pubmaticBidAdapter.js 1 87.32%
src/targeting.ts 1 98.36%
test/spec/modules/yieldoneBidAdapter_spec.js 1 99.55%
modules/concertAnalyticsAdapter.js 2 90.24%
modules/yieldoneBidAdapter.js 2 86.52%
test/spec/modules/userId_spec.js 2 99.5%
libraries/connectionInfo/connectionUtils.js 3 23.08%
modules/visxBidAdapter.js 3 93.87%
modules/ssp_genieeBidAdapter.js 4 91.61%
Totals Coverage Status
Change from base Build 18594521186: -0.01%
Covered Lines: 200263
Relevant Lines: 208112
💛 - Coveralls

@ChrisHuie ChrisHuie requested review from ChrisHuie and removed request for jefftmahoney October 16, 2025 20:13
@ChrisHuie ChrisHuie self-requested a review October 16, 2025 21:47
@patmmccann patmmccann assigned patmmccann and unassigned ChrisHuie Oct 17, 2025
patmmccann
patmmccann reviewed Oct 17, 2025
View reviewed changes
.github/workflows/test-chunk.yml
access-key: ${{ secrets.BROWSERSTACK_ACCESS_KEY }}

- name: 'BrowserStackLocal Setup'
uses: 'browserstack/github-actions/setup-local@master'
Copy link
Collaborator

@patmmccann patmmccann Oct 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This appears to be the fix, not the package reverts?

Copy link
Collaborator Author

@dgirardi dgirardi Oct 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, it was an earlier attempt that I kept because it's cleaner. You can see it did not run on this PR (needs to be in master to have an effect)

I'm not sure which dependency revert is the fix, can potentially be one of the "invisible" changes from package-lock

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this might be the issue:

"Before the rollbacks, the repo’s toolchain depended on webdriverio 9.20.0, which pulled in the newly released chromium-bidi 8.0.0 and devtools-protocol 0.0.1475386.

PR #14026 pins webdriverio back to 9.18.4. That downgrade also reverts the BiDi stack to chromium-bidi 5.1.0 and devtools-protocol 0.0.1464554—the same versions shipped with the 9.18/9.19 generation."

patmmccann
patmmccann reviewed Oct 17, 2025
View reviewed changes
.github/dependabot.yml
- dependency-name: 'iab-adcom'
- dependency-name: 'iab-native'
- dependency-name: 'iab-openrtb'
- dependency-name: '@types/*'
Copy link
Collaborator

@patmmccann patmmccann Oct 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how about @babel*, eslint* and "@eslint*? those three seem to have frequent and useful updates; and changing weekly above to monthly or querterly if that is supported

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i added those and changed this thing from weekly to quarterly, if you're comfortable with that lets merge

patmmccann
patmmccann reviewed Oct 17, 2025
View reviewed changes
package.json
"@babel/register": "^7.28.3",
"@eslint/compat": "^1.4.0",
"@types/google-publisher-tag": "^1.20250811.1",
"@eslint/compat": "^1.3.1",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this and eslint in particular appear to have utility to the update

@patmmccann
Change dependency update schedule to monthly
c35ed23 
Changed the update schedule for GitHub Actions and npm dependencies from weekly to monthly. Added additional dependencies to the allow list.
@patmmccann
Update Babel dependencies in dependabot configuration
e5e9655
@patmmccann
Change npm dependency update interval to quarterly
9d733eb
@patmmccann patmmccann merged commit 5b961a9 into master Oct 17, 2025
57 of 62 checks passed
@patmmccann patmmccann deleted the karma-timeouts branch October 17, 2025 17:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@patmmccann patmmccann patmmccann left review comments

@ChrisHuie ChrisHuie ChrisHuie approved these changes

@mkomorski mkomorski Awaiting requested review from mkomorski

Assignees

@patmmccann patmmccann

@mkomorski mkomorski

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@dgirardi @coveralls @patmmccann @ChrisHuie @mkomorski