Update mobile apps to 1.1.186, fix bundlesize #13664
Conversation
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
This is the final PR Bugbot will review for you during this billing cycle
Your free Bugbot reviews will reset on March 5
Details
You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
| "analyze": "env-cmd ./env/.env.bundle npm run build:prod", | ||
| "analyze:ssr": "env-cmd ./env/.env.bundle npm run build:ssr:prod", | ||
| "bundlesize:prod": "bundlesize --config bundlesize.prod.config.json", | ||
| "postinstall": "node scripts/apply-bundlesize-patch.js", |
There was a problem hiding this comment.
Postinstall references missing patch script file
High Severity
The newly added postinstall script references scripts/apply-bundlesize-patch.js, but this file does not exist anywhere in the repository. Every npm install for the @audius/web package will fail with a "Cannot find module" error, breaking the install process for all developers and CI pipelines.
| "browserify-zlib": "0.2.0", | ||
| "buffer": "6.0.3", | ||
| "bundlesize": "1.0.0-beta.2", | ||
| "bundlesize": "0.18.2", |
There was a problem hiding this comment.
Lock file bundlesize version mismatches package.json
Medium Severity
The package-lock.json entry for packages/web was changed to list bundlesize as 0.18.2, but packages/web/package.json still specifies "bundlesize": "1.0.0-beta.2" in devDependencies. This mismatch will cause npm ci to fail and npm install to regenerate the lock file with unintended changes.
1 participant
Note
Medium Risk
Includes native mobile dependency/version bumps and modifies install-time behavior via a new
postinstallscript, which can affect CI/build reproducibility if the patch script or dependency resolutions differ across environments.Overview
Bumps the mobile app release versions (Android
versionNameto1.1.518, iOSCFBundleShortVersionStringto1.1.186) and updates iOS CocoaPods lockfile entries, includingreact-native-netinfoand@react-native-clipboard/clipboardversions and their resolved paths.Fixes web build tooling by downgrading
bundlesizeto0.18.2, adding apostinstallhook to apply a local bundlesize patch, and updatingpackage-lock.jsonwith newly-resolved dependency entries (e.g.,bn.js,redux,symbol-observable,@types/bn.js).Written by Cursor Bugbot for commit d593fa2. This will update automatically on new commits. Configure here.