chore(deps-dev): bump pnpm from 9.15.0 to 10.0.0 #2

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/pnpm-10.0.0

Conversation

@dependabot dependabot bot commented on behalf of github Jul 3, 2025

Bumps pnpm from 9.15.0 to 10.0.0.

Release notes

Sourced from pnpm's releases.

pnpm 10

Major Changes

  • Lifecycle scripts of dependencies are not executed during installation by default! This is a breaking change aimed at increasing security. In order to allow lifecycle scripts of specific dependencies, they should be listed in the pnpm.onlyBuiltDependencies field of package.json #8897. For example:

    {
      "pnpm": {
        "onlyBuiltDependencies": ["fsevents"]
      }
    }

    Read pnpm 10.0.0 Blocks Lifecycle Scripts by Default to learn about the motivation of the change.

    If you want the old pre v10 behaviour, so you want to allow all dependencies to run postinstall scripts, then add this to your package.json:

    {
      "pnpm": {
        "neverBuiltDependencies": []
      }
    }
  • pnpm link behavior updated:

    The pnpm link command now adds overrides to the root package.json.

    • In a workspace: The override is added to the root of the workspace, linking the dependency to all projects in the workspace.
    • Global linking: To link a package globally, run pnpm link from the package’s directory. Previously, you needed to use pnpm link -g. Related PR: #8653
  • Secure hashing with SHA256:

    Various hashing algorithms have been updated to SHA256 for enhanced security and consistency:

    • Long paths inside node_modules/.pnpm are now hashed with SHA256.
    • Long peer dependency hashes in the lockfile now use SHA256 instead of MD5. (This affects very few users since these are only used for long keys.)
    • The hash stored in the packageExtensionsChecksum field of pnpm-lock.yaml is now SHA256.
    • The side effects cache keys now use SHA256.
    • The pnpmfile checksum in the lockfile now uses SHA256 (#8530).
  • Configuration updates:

    • manage-package-manager-versions: enabled by default. pnpm now manages its own version based on the packageManager field in package.json by default.

    • public-hoist-pattern: nothing is hoisted by default. Packages containing eslint or prettier in their name are no longer hoisted to the root of node_modules. Related Issue: #8378

    • Upgraded @yarnpkg/extensions to v2.0.3. This may alter your lockfile.

... (truncated)

Changelog

Sourced from pnpm's changelog.

10.0.0

Major Changes

  • Lifecycle scripts of dependencies are not executed during installation by default! This is a breaking change aimed at increasing security. In order to allow lifecycle scripts of specific dependencies, they should be listed in the pnpm.onlyBuiltDependencies field of package.json #8897. For example:

    {
      "pnpm": {
        "onlyBuiltDependencies": ["fsevents"]
      }
    }
  • pnpm link behavior updated:

    The pnpm link command now adds overrides to the root package.json.

    • In a workspace: The override is added to the root of the workspace, linking the dependency to all projects in the workspace.
    • Global linking: To link a package globally, run pnpm link from the package’s directory. Previously, you needed to use pnpm link -g. Related PR: #8653
  • Secure hashing with SHA256:

    Various hashing algorithms have been updated to SHA256 for enhanced security and consistency:

    • Long paths inside node_modules/.pnpm are now hashed with SHA256.
    • Long peer dependency hashes in the lockfile now use SHA256 instead of MD5. (This affects very few users since these are only used for long keys.)
    • The hash stored in the packageExtensionsChecksum field of pnpm-lock.yaml is now SHA256.
    • The side effects cache keys now use SHA256.
    • The pnpmfile checksum in the lockfile now uses SHA256 (#8530).
  • Configuration updates:

    • manage-package-manager-versions: enabled by default. pnpm now manages its own version based on the packageManager field in package.json by default.

    • public-hoist-pattern: nothing is hoisted by default. Packages containing eslint or prettier in their name are no longer hoisted to the root of node_modules. Related Issue: #8378

    • Upgraded @yarnpkg/extensions to v2.0.3. This may alter your lockfile.

    • virtual-store-dir-max-length: the default value on Windows has been reduced to 60 characters.

    • Reduced environment variables for scripts: During script execution, fewer npm_package_* environment variables are set. Only name, version, bin, engines, and config remain. Related Issue: #8552

    • All dependencies are now installed even if NODE_ENV=production. Related Issue: #8827

  • Changes to the global store:

    • Store version bumped to v10.

... (truncated)

Commits
  • 42ecf04 chore(release): 10.0.0
  • c0c63ef docs: update years
  • dde650b fix: ensure that recursive pnpm update --latest <pkg> updates only the spec...
  • c5080de chore(release): 10.0.0-rc.3
  • cc3bbc9 fix: don't load side-effects cache for packages that are not allowed to be bu...
  • 12aebe2 docs: README add Bluesky link (#8937)
  • 9591a18 feat: configurational dependencies (#8915)
  • 52204d5 chore: pd should not switch to another version of pnpm (#8930)
  • c7eefdd fix: pnpm update --filter --latest should only change relevant packages and...
  • e103abe chore(release): 10.0.0-rc.2
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
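
A pre-upgrade check for the lifecycle-script change described in the release notes above, as an added example that is not part of this PR or of pnpm's code: it models the configurations the notes mention and reports which dependencies' install hooks would run or be blocked. The function names, the sample manifests, and the treatment of a non-empty `neverBuiltDependencies` as a denylist are assumptions.

```javascript
// Added example (not pnpm's code): models the build policies named in the release notes.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall'];

// Pick the policy the root package.json selects.
function buildPolicy(rootPkg) {
  const cfg = (rootPkg && rootPkg.pnpm) || {};
  if (Array.isArray(cfg.onlyBuiltDependencies)) {
    const allow = new Set(cfg.onlyBuiltDependencies);
    return { mode: 'allowlist', names: allow, allows: (n) => allow.has(n) };
  }
  if (Array.isArray(cfg.neverBuiltDependencies)) {
    // Empty list = the "old pre v10 behaviour" opt-out; non-empty = denylist (assumption).
    const deny = new Set(cfg.neverBuiltDependencies);
    const mode = deny.size === 0 ? 'allow-all' : 'denylist';
    return { mode, names: deny, allows: (n) => !deny.has(n) };
  }
  // pnpm 10 default: no dependency lifecycle scripts run.
  return { mode: 'block-all', names: new Set(), allows: () => false };
}

// manifests: parsed package.json objects of the installed dependencies.
// Assumption: only explicitly declared hooks are considered.
function auditLifecycleScripts(rootPkg, manifests) {
  const policy = buildPolicy(rootPkg);
  const report = { mode: policy.mode, willRun: [], blocked: [], unusedAllowlist: [] };
  const withHooks = new Set();
  for (const m of manifests) {
    const scripts = m.scripts || {};
    const hooks = LIFECYCLE_HOOKS.filter((h) => typeof scripts[h] === 'string');
    if (hooks.length === 0) continue;
    withHooks.add(m.name);
    const bucket = policy.allows(m.name) ? report.willRun : report.blocked;
    bucket.push({ name: m.name, hooks });
  }
  if (policy.mode === 'allowlist') {
    // Allowlisted names with no hooks installed: stale entries worth pruning.
    report.unusedAllowlist = [...policy.names].filter((n) => !withHooks.has(n)).sort();
  }
  return report;
}

// Constructed sample data (hypothetical package names except fsevents, which the notes use).
const SAMPLE_ROOT = { name: 'app', pnpm: { onlyBuiltDependencies: ['fsevents', 'left-over'] } };
const SAMPLE_MANIFESTS = [
  { name: 'fsevents', scripts: { install: 'node-gyp rebuild' } },
  { name: 'example-native-addon', scripts: { postinstall: 'node build.js' } },
  { name: 'example-pure-js', scripts: { test: 'vitest' } },
];

console.log(JSON.stringify(auditLifecycleScripts(SAMPLE_ROOT, SAMPLE_MANIFESTS), null, 2));
```

An `allow-all` result in review is the signal that the repository has opted back into running every dependency's install hooks.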

Bumps [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) from 9.15.0 to 10.0.0.
- [Release notes](https://github.com/pnpm/pnpm/releases)
- [Changelog](https://github.com/pnpm/pnpm/blob/main/pnpm/CHANGELOG.md)
- [Commits](https://github.com/pnpm/pnpm/commits/v10.0.0/pnpm)

---
updated-dependencies:
- dependency-name: pnpm
  dependency-version: 10.0.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and javascript (Pull requests that update javascript code) labels Jul 3, 2025

dependabot bot commented on behalf of github Jan 7, 2026

Superseded by #15.

@dependabot dependabot bot closed this Jan 7, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/pnpm-10.0.0 branch January 7, 2026 18:57
evanob pushed a commit that referenced this pull request Mar 19, 2026
Fixes sentry errors
[#1](https://electricsql-04.sentry.io/issues/74727274/) and
[#2](https://electricsql-04.sentry.io/issues/74727257)

I have marked the `:disk_full` error as retryable, since storage might
be freed up automatically or added by the db administrator as a response
to this error and should thus not shut down the system.

I have marked the `:duplicate_file` for the replication slot
specifically as retryable as well, as it is a tmp file for an atomic
write that seems like a race. Interesting that this occurred and might
be worth looking into if it keeps occurring.
evanob pushed a commit that referenced this pull request Mar 19, 2026
…sql#3715)

### 🔗 Context
When this workflow is called by the Changesets workflow, the
`github.event_name` context variable evaluates to `push` (the parent's
trigger) rather than `workflow_call`. This caused our previous logic to
skip the release flow and default to canary builds.

So the most recent [package
publishing](https://github.com/electric-sql/electric/actions/runs/21003147814/job/60379128532)
only pushed canary images:

```
 #1 [internal] pushing docker.io/electricsql/electric:canary
#1 0.000 pushing sha256:e372c6ad86713cdbf726bbef83920eb32ecf9034d3794abde8d9fa73805413b1 to docker.io/electricsql/electric:canary
#1 DONE 1.9s
#1 [internal] pushing docker.io/electricsql/electric-canary:3516b9780
#1 0.000 pushing sha256:e372c6ad86713cdbf726bbef83920eb32ecf9034d3794abde8d9fa73805413b1 to docker.io/electricsql/electric-canary:3516b9780
#1 ...

#2 [internal] pushing docker.io/electricsql/electric-canary:latest
#2 0.000 pushing sha256:e372c6ad86713cdbf726bbef83920eb32ecf9034d3794abde8d9fa73805413b1 to docker.io/electricsql/electric-canary:latest
#2 DONE 1.8s

#1 [internal] pushing docker.io/electricsql/electric-canary:3516b9780
#1 DONE 1.8s
```


### 🛠️ Changes
- Updated `derive_build_vars` job to prioritize `inputs.release_tag` and
`github.event.release.tag_name` over the event name string.
- Refactored shell logic to use more idiomatic `-n` (non-zero string)
checks.

## Summary by CodeRabbit

* **Refactor**
* Simplified the Docker Hub image sync workflow's release detection
logic to prioritize explicit release tags and fallback to commit-based
runs, preserving existing behavior for release and manual triggers.

evanob pushed a commit that referenced this pull request Mar 19, 2026
## What changed

Adds a comprehensive multi-tier testing DSL for the `ShapeStream`
state machine — plus four production bug fixes that the new invariant
checks caught. Test count goes from ~45 to 293.

---

## Reviewer guidance

### Root cause (production fixes)

Writing the tests exposed four real bugs by making invariants
machine-checkable for the first time:

1. **`ErrorState` silently dropped 5 delegation getters.**
`staleCacheBuster`, `staleCacheRetryCount`,
`sseFallbackToLongPolling`, `consecutiveShortSseConnections`, and
`replayCursor` were missing on `ErrorState` — falling through to
base-class defaults (`undefined`/`0`/`false`) instead of
delegating to `previousState`. If you hit an error while in
stale-retry or SSE-fallback mode, the state machine was reporting the
wrong values for those fields.

2. **`PausedState.handleResponseMetadata` silently unpaused on
`ignored`/`stale-retry`.** The method delegated to `previousState`
and re-wrapped only the `accepted` arm. For `ignored` and
`stale-retry` it returned the inner transition as-is, dropping the
paused wrapper. If a stream was paused and an in-flight response
resolved as stale, the stream could accidentally unpause.

3. **`previousState` types were too wide.**
`PausedState.previousState: ShapeStreamState` allowed
`Paused(Paused(X))` chains; `ErrorState.previousState:
ShapeStreamState` allowed `Error(Error(X))` chains. The constructors
now actively unwrap same-type nesting.

4. **`ResponseMetadataTransition` `stale-retry` arm typed as
`StaleRetryState`.** Had to widen to `ShapeStreamState` to
accommodate fix #2 (a `PausedState` can now legally return itself for
a `stale-retry` action). All call sites verified safe — `client.ts`
reads `exceededMaxRetries` then uses
`this.#syncState.staleCacheRetryCount` after state assignment, so the
narrower type was never load-bearing.

### Approach

Three testing layers, each catching a different class of bug:

**Tier 1 — Fluent scenario builder** reads like prose, automatically
running 12+ invariant checks at every transition:
```ts
scenario()
  .response({ responseHandle: `h1` }).expectAction(`accepted`).expectKind(`syncing`)
  .messages().expectKind(`live`).expectUpToDate(true)
  .pause().expectKind(`paused`)
  .resume().expectKind(`live`)
  .done()
```

**Tier 2 — Transition truth table** specifies all 7 states × 10 events =
70 cells in a `Record<ShapeStreamStateKind, Record<EventType,
ExpectedBehavior>>` with no `Partial` — TypeScript enforces
completeness at compile time.

**Tier 3 — Adversarial testing**: seeded fuzz (100 seeds × 30 steps,
`FUZZ_DEEP=1` for 1000×50), counterexample shrinker, mutation
operators (duplicate/reorder/drop events), and algebraic property tests
(pause/resume round-trip, error/retry identity, `withHandle`
preservation, `markMustRefetch` reset).

The formal specification lives in `SPEC.md` — invariants, transition
rules, and enforcement method for each. It's the single source of truth;
the tests are derived from it.

### Key invariants (auto-checked on every transition)

- `state.kind` and `state instanceof XxxState` always agree (I0)
- `isUpToDate` is true only when `LiveState` is in the delegation
chain (I1)
- All transitions create new objects; no-ops return `this` (I2)
- `pause().resume() === state` (I3)
- `toErrorState(e).retry() === state` (I4)
- `LiveState` always has `lastSyncedAt` (I5)
- `StaleRetryState` always has a defined `staleCacheBuster` and
count > 0 (I6)
- `ReplayingState` always has `replayCursor` (I7)
- `PausedState`/`ErrorState` delegate all field getters to
`previousState` (I8, I9)
- No same-type nesting (`Paused(Paused(X))` → `Paused(X)`, etc.)
(I12)

### Non-goals

- No changes to the observable behavior of `ShapeStream` from the
outside — the fixes are all correctness improvements in edge cases
(paused + stale response, errored + delegation).
- The handful of tests that verify SSE internals
(`consecutiveShortSseConnections`, `suppressBatch`) stay in
direct-construction style; the DSL deliberately abstracts those details.
- No nightly-only split for tier-3 tests — CI time hasn't been a problem
in practice.

### Trade-offs

- The DSL adds ~725 lines of test support code, but individual tests are
much shorter, and invariant checking is automatic at every step rather
than per-test.
- The truth table is verbose but acts as a reviewable specification
artifact — it's the single source of truth for "what should happen when
event X hits state Y."

---

## Verification

```bash
# Unit tests (293 tests, ~4s)
cd packages/typescript-client && pnpm vitest run --config vitest.unit.config.ts

# Deep fuzz (1000 seeds × 50 steps)
FUZZ_DEEP=1 pnpm vitest run --config vitest.unit.config.ts test/shape-stream-state.test.ts

# Reproduce a specific fuzz failure by seed
FUZZ_SEED=42 pnpm vitest run --config vitest.unit.config.ts test/shape-stream-state.test.ts

# Type check
pnpm tsc --noEmit
```

## Files changed

| File | Description |
|------|-------------|
| `src/shape-stream-state.ts` | **Production fixes:** `ErrorState` delegation getters, `PausedState.handleResponseMetadata` exhaustive handling, `previousState` type narrowing, same-type nesting guards, `ShapeStreamActiveState` union type |
| `SPEC.md` | **New.** Formal specification: 7 states, 10 events, 12 invariants, 8 constraints, bidirectional enforcement checklist |
| `test/support/state-machine-dsl.ts` | **New.** `ScenarioBuilder` DSL, `applyEvent`, `assertStateInvariants`, `assertReachableInvariants`, fuzz helpers, mutation operators, factory functions |
| `test/support/state-transition-table.ts` | **New.** Exhaustive truth table (70 cells) |
| `test/support/mock-fetch-harness.ts` | **New.** `MockFetchHarness` response queue, `mockVisibilityApi` (extracted from `client.test.ts`), `createMockShapeStream` factory |
| `test/shape-stream-state.test.ts` | **Rewritten.** Converted to DSL, added ~248 tests across all three tiers |
| `test/client.test.ts` | **Minor.** Import `mockVisibilityApi` from shared harness; fast backoff in isConnected recovery test |

---

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>