Skip to content

chore(runtime):SP-4382 bump runtime container to v1.52.1#56

Merged
agustingroh merged 1 commit into
mainfrom
chore/SP-4382-bump-runtime-to-v1.52.1
May 11, 2026
Merged

chore(runtime):SP-4382 bump runtime container to v1.52.1#56
agustingroh merged 1 commit into
mainfrom
chore/SP-4382-bump-runtime-to-v1.52.1

Conversation

@agustingroh
Copy link
Copy Markdown
Collaborator

@agustingroh agustingroh commented May 11, 2026
edited by coderabbitai Bot
Loading

Summary by CodeRabbit

  • Chores
    • Extended version updated to 1.7.1
    • Code scanner runtime container upgraded to the latest compatible version for improved stability, security, and performance

Review Change Stack

@agustingroh agustingroh requested a review from eeisegn May 11, 2026 13:30
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 11, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This PR upgrades the scanoss-py dependency from v1.46.0 to v1.52.1 and bumps the extension version to 1.7.1. Version metadata in package manifests and task definitions are incremented, the runtime container image reference is updated in code and configuration, and documentation and changelog entries are added to reflect the upgrade.

Changes

Extension Version and Dependency Upgrade

Layer / File(s) Summary
Version Metadata Updates
codescantask/package.json, vss-extension.json, vss-extension-dev.json, codescantask/task.json		 Package version bumped to 1.7.1; extension manifest versions updated to 1.7.1 and 1.8.0 (dev); task patch version incremented to 1.
Runtime Container Configuration
codescantask/app.input.ts, codescantask/task.json		 RUNTIME_CONTAINER constant and task input default updated from ghcr.io/scanoss/scanoss-py:v1.46.0 to ghcr.io/scanoss/scanoss-py:v1.52.1.
Documentation and Changelog Updates
codescantask/services/scan.service.ts, OVERVIEW.md, CHANGELOG.md		 JSDoc comment for Options.runtimeContainer updated; OVERVIEW.md action input table reflects new default image; CHANGELOG.md entry created for v1.7.1 release with upgrade note and version link references added.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

  • scanoss/ado-code-scan#55: Updates the same runtime container default across task and app configuration files.
  • scanoss/ado-code-scan#54: Modifies the same configuration entries and documentation for RUNTIME_CONTAINER and runtimeContainer defaults.

Suggested labels

enhancement

Suggested reviewers

  • eeisegn

Poem

🐰 Hops through dependencies, version by version,
From forty-six to fifty-two, a scanner's ascension,
Manifests aligned, docs gleam bright,
One-point-seven-one shines forth in the night!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and specifically describes the main change: bumping the runtime container to v1.52.1, which is the primary modification across all files in this changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/SP-4382-bump-runtime-to-v1.52.1

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@agustingroh agustingroh changed the title chore(runtime):SP-4382 bomp runtime container to v1.52.1 chore(runtime):SP-4382 bump runtime container to v1.52.1 May 11, 2026
@agustingroh agustingroh force-pushed the chore/SP-4382-bump-runtime-to-v1.52.1 branch from 555ca9c to 8f1342e Compare May 11, 2026 13:31
@agustingroh agustingroh force-pushed the chore/SP-4382-bump-runtime-to-v1.52.1 branch from 8f1342e to 7542d10 Compare May 11, 2026 14:02
coderabbitai[bot]
coderabbitai Bot reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@codescantask/app.input.ts`:
- Line 40: RUNTIME_CONTAINER is set to a mutable tag which allows image drift;
replace the tag value ("ghcr.io/scanoss/scanoss-py:v1.52.1") with the immutable
digest form ("ghcr.io/scanoss/scanoss-py@sha256:<resolved_digest>") in
codescantask/app.input.ts (RUNTIME_CONTAINER), and make the identical digest
substitution for every other occurrence (task.json, scan.service.ts, and any
docs) so all defaults reference the same sha256 digest string for reproducible,
pinned runtime images.

In `@vss-extension-dev.json`:
- Line 5: The DEV manifest's "version" field currently reads "1.8.0" and must be
changed to match the release artifacts' "1.7.1"; update the "version" value in
vss-extension-dev.json (the "version" property) from 1.8.0 to 1.7.1 so the
manifest aligns with the rest of this release cycle and avoids packaging/publish
traceability issues.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 53ea8409-778a-49c3-aa7d-f57ea1bfbc45

📥 Commits

Reviewing files that changed from the base of the PR and between 059e918 and 7542d10.

⛔ Files ignored due to path filters (1)
  • codescantask/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (8)
  • CHANGELOG.md
  • OVERVIEW.md
  • codescantask/app.input.ts
  • codescantask/package.json
  • codescantask/services/scan.service.ts
  • codescantask/task.json
  • vss-extension-dev.json
  • vss-extension.json

Comment thread codescantask/app.input.ts
Comment thread vss-extension-dev.json
@agustingroh agustingroh merged commit 4d05da0 into main May 11, 2026
2 checks passed
@agustingroh agustingroh deleted the chore/SP-4382-bump-runtime-to-v1.52.1 branch May 11, 2026 14:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@eeisegn eeisegn eeisegn approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@agustingroh @eeisegn