chore(release): update changelog and bump version to 4.0.0#3975
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
💤 Files with no reviewable changes (1)
📝 WalkthroughWalkthroughThis PR finalizes the release version across workspace and package manifests, adds the v4.0.0 changelog entry, and introduces a dashmate config migration that repins Drive ABCI and rs-dapi docker images with test coverage. ChangesRelease v4.0.0 update
Estimated code review effort: 3 (Moderate) | ~20 minutes Possibly related issues
Possibly related PRs
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 ESLint
ESLint install failed. For unrecoverable errors, disable the tool in CodeRabbit configuration. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
✅ Review complete (commit 217a1e6) |
thepastaclaw
left a comment
There was a problem hiding this comment.
Code Review
Release finalization for Platform 4.0.0 is largely clean — workspace Cargo.toml/lock and all internal Rust crates consistently move rc.2 → 4.0.0, the changelog matches the git range, and the docs branch retargeting from v3.1-dev to v4.0-dev is coherent. However, three published npm packages (dash, @dashevo/wallet-lib, @dashevo/dash-spv) that were on independent major lines (7.x, 11.x, 5.x) are being downgraded to 4.0.0, which is a semver regression against their previously published rc.2 series.
🔴 3 blocking
🤖 Prompt for all review comments with AI agents
These findings are from an automated code review. Verify each finding against the current code and only fix it if needed.
In `packages/js-dash-sdk/package.json`:
- [BLOCKING] packages/js-dash-sdk/package.json:3: `dash` npm package is being downgraded from 7.0.0-rc.2 to 4.0.0
The public npm package `dash` (this workspace) was set to `7.0.0-rc.2` in the prior release bump (#3864, commit 1ba1ca5828) and had been tracking an independent 7.x major line separate from the Platform version. This PR finalizes it to `4.0.0`, which is a semver regression: consumers pinned to `^7.0.0-rc` cannot resolve to the final release, and the npm registry history for `dash` will show a downgrade. Finalizing the 7.0.0-rc.2 line should publish 7.0.0.
In `packages/wallet-lib/package.json`:
- [BLOCKING] packages/wallet-lib/package.json:3: `@dashevo/wallet-lib` is being downgraded from 11.0.0-rc.2 to 4.0.0
The prior release (commit 1ba1ca5828) set `@dashevo/wallet-lib` to `11.0.0-rc.2`, continuing its independent 11.x major line. This PR finalizes it to `4.0.0`, which is a semver downgrade of a published npm package. Consumers pinned to the 11.0.0 rc range will not resolve to this release, and the package's semver history will regress. The natural finalization of `11.0.0-rc.2` is `11.0.0`.
In `packages/dash-spv/package.json`:
- [BLOCKING] packages/dash-spv/package.json:3: `@dashevo/dash-spv` is being downgraded from 5.0.0-rc.2 to 4.0.0
`@dashevo/dash-spv` was on `5.0.0-rc.2` before this PR (commit 1ba1ca5828), on its own 5.x major line. This PR sets it to `4.0.0`, which is a semver downgrade. Finalizing the 5.0.0-rc.2 prerelease should publish `5.0.0`; otherwise the npm registry release will not satisfy any consumer pinned to the 5.x rc line and will appear as a regression.
The version bump flattened every workspace to the root 4.0.0, but yarn.config.cjs requires these three to lead the root major by a fixed offset (dash-spv +1, dash +3, wallet-lib +7). Restore them to the constraint-enforced versions (5.0.0 / 7.0.0 / 11.0.0) so 'yarn constraints' passes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
thepastaclaw
left a comment
There was a problem hiding this comment.
Code Review
Latest push (7d863ae) resolves all three prior blocking version-downgrade findings by restoring the required major-version offsets: dash-spv=5.0.0 (root+1), dash=7.0.0 (root+3), wallet-lib=11.0.0 (root+7). However, the 830fbd9 release commit that populated CHANGELOG.md added 1351 lines that duplicate the entire prior release history — 4.0.0-rc.2/rc.1/beta.4/beta.3/beta.2/beta.1 now appear twice in the file (once at lines 121-253, again starting at line 1352). For a release-preparation PR whose stated purpose is changelog correctness, this remains blocking.
🔴 1 blocking
🤖 Prompt for all review comments with AI agents
These findings are from an automated code review. Verify each finding against the current code and only fix it if needed.
In `CHANGELOG.md`:
- [BLOCKING] CHANGELOG.md:121-253: Release history duplicated in CHANGELOG
The 4.0.0 release commit prepended 1351 lines that include not only the new 4.0.0 section but also fresh copies of 4.0.0-rc.2, 4.0.0-rc.1, 4.0.0-beta.4, 4.0.0-beta.3, 4.0.0-beta.2, and 4.0.0-beta.1. The previous versions of those same sections still exist further down (starting at line 1352), so every pre-release section from 4.0.0-rc.2 through 4.0.0-beta.1 is now present twice. Since this PR's whole purpose is producing a correct 4.0.0 changelog, only the new 4.0.0 section (lines 1-119) should be added; the duplicated tail (lines 121-1351 of the additions) needs to be dropped so the file resumes cleanly with the pre-existing 4.0.0-rc.2 block. Re-running the changelog generator against the correct base (post-4.0.0-rc.2 tag) rather than an empty base should produce the intended diff.
The changelog was generated with base v3.0.2, so conventional-changelog re-emitted every release from 3.1.0-dev.1 through 4.0.0-rc.2 — sections that already exist further down in CHANGELOG.md, duplicating each one. Keep only the new 4.0.0 section and let the file resume at the pre-existing 4.0.0-rc.2 block (1231 duplicated lines removed). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
thepastaclaw
left a comment
There was a problem hiding this comment.
Code Review
Prior blocking CHANGELOG duplication finding is FIXED — the current head cleanly removes the duplicated pre-release sections. New delta review carries forward one release-metadata consistency suggestion: the standalone qa-contract package still declares the SDK dependency as ^4.0.0-rc.2 while this release bumps the SDK to 4.0.0 final. No blockers remain.
🟡 2 suggestion(s)
Findings not posted inline (1)
These findings could not be anchored to the current diff, but they are still part of this review.
- [SUGGESTION]
qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package — This PR bumpspackages/js-evo-sdk/package.jsonand the rest of the workspace from4.0.0-rc.2to the final4.0.0, but the standaloneqa-contractpackage still declares@dashevo/evo-sdkat^4.0.0-rc.2. Its README documents standalonenpm installas the intended path (qa-contract is in...
🤖 Prompt for all review comments with AI agents
These findings are from an automated code review. Verify each finding against the current code and only fix it if needed.
In `qa-contract/package.json`:
- [SUGGESTION] qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package
This PR bumps `packages/js-evo-sdk/package.json` and the rest of the workspace from `4.0.0-rc.2` to the final `4.0.0`, but the standalone `qa-contract` package still declares `@dashevo/evo-sdk` at `^4.0.0-rc.2`. Its README documents standalone `npm install` as the intended path (qa-contract is intentionally not a Yarn workspace member), so the range publicly advertises the RC version for this in-repo consumer at the 4.0.0 tag. The caret range does accept 4.0.0 semver-wise, so this is not a functional break — but a release/version-bump PR is the right moment to normalize the range so no consumer install log references the RC.
- [SUGGESTION] qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package
This PR bumps `packages/js-evo-sdk/package.json` and the rest of the workspace from `4.0.0-rc.2` to the final `4.0.0`, but the standalone `qa-contract` package still declares `@dashevo/evo-sdk` at `^4.0.0-rc.2`. Its README documents standalone `npm install` as the intended path (qa-contract is intentionally not a Yarn workspace member), so the range publicly advertises the RC version for this in-repo consumer at the 4.0.0 tag. The caret range does accept 4.0.0 semver-wise, so this is not a functional break — but a release/version-bump PR is the right moment to normalize the range so no consumer install log references the RC.
The drive and rs-dapi image tags derive from the package major version, but the migrate runner is strictly version-gated and the only 4.x migration (4.0.0-rc.3) refreshes tenderdash + the rate limiter, not the platform images. Operators upgrading from a 4.0.0 prerelease (or an older major) therefore keep their stale drive:4-rc / drive:3 tag instead of moving to drive:4 / rs-dapi:4. The legacy 0.25.x migrations refresh these from the base config, but only fire for configs old enough to cross them, so recent upgraders skip them. Add a 4.0.0 migration that re-pins platform.drive.abci and platform.dapi.rsDapi from the base config. Test would have caught this in CI: the new regression test migrates a config already at 4.0.0-rc.2 (past the 0.25.x refreshes) and asserts the images land on the base tags — fails before the migration, passes after. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
thepastaclaw
left a comment
There was a problem hiding this comment.
Code Review
Carried-forward prior finding: qa-contract/package.json still declares @dashevo/evo-sdk at ^4.0.0-rc.2 while packages/js-evo-sdk is now at final 4.0.0 — verified against SHA 217a1e6. No new findings in the latest delta (drive/rs-dapi image re-pin migration mirrors the neighboring tenderdash pattern and includes a unit test).
🟡 2 suggestion(s)
Findings not posted inline (1)
These findings could not be anchored to the current diff, but they are still part of this review.
- [SUGGESTION]
qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package — This release PR bumpspackages/js-evo-sdk/package.jsonto the final4.0.0(verified at line 3), but the standaloneqa-contractpackage still declares@dashevo/evo-sdkat^4.0.0-rc.2. Sinceqa-contractis intentionally kept outside the Yarn workspace and installed directly via `npm ins...
🤖 Prompt for all review comments with AI agents
These findings are from an automated code review. Verify each finding against the current code and only fix it if needed.
In `qa-contract/package.json`:
- [SUGGESTION] qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package
This release PR bumps `packages/js-evo-sdk/package.json` to the final `4.0.0` (verified at line 3), but the standalone `qa-contract` package still declares `@dashevo/evo-sdk` at `^4.0.0-rc.2`. Since `qa-contract` is intentionally kept outside the Yarn workspace and installed directly via `npm install`, the 4.0.0 release tag publicly advertises an RC-based SDK dependency for this in-repo consumer. The caret range does resolve to 4.0.0, so this is not a functional break — but a release/version-bump PR is the right moment to normalize the range so no install log or lockfile references the RC prerelease.
- [SUGGESTION] qa-contract/package.json:19: Stale rc.2 SDK range in standalone qa-contract package
This release PR bumps `packages/js-evo-sdk/package.json` to the final `4.0.0` (verified at line 3), but the standalone `qa-contract` package still declares `@dashevo/evo-sdk` at `^4.0.0-rc.2`. Since `qa-contract` is intentionally kept outside the Yarn workspace and installed directly via `npm install`, the 4.0.0 release tag publicly advertises an RC-based SDK dependency for this in-repo consumer. The caret range does resolve to 4.0.0, so this is not a functional break — but a release/version-bump PR is the right moment to normalize the range so no install log or lockfile references the RC prerelease.
Issue being fixed or feature implemented
Release new Dash Platform version
What was done?
How Has This Been Tested?
None
Breaking Changes
None
Checklist:
For repository code-owners and collaborators only
Summary by CodeRabbit