chore(deps): bump @opencode-ai/sdk from 1.3.0 to 1.4.3#332
chore(deps): bump @opencode-ai/sdk from 1.3.0 to 1.4.3#332dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [@opencode-ai/sdk](https://github.com/sst/opencode-sdk-js) from 1.3.0 to 1.4.3. - [Release notes](https://github.com/sst/opencode-sdk-js/releases) - [Changelog](https://github.com/anomalyco/opencode-sdk-js/blob/main/CHANGELOG.md) - [Commits](https://github.com/sst/opencode-sdk-js/commits) --- updated-dependencies: - dependency-name: "@opencode-ai/sdk" dependency-version: 1.4.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits. |
Issue Linking ReminderThis PR doesn't appear to have a linked issue. Consider linking to:
Using If this PR doesn't need an issue, you can ignore this message. |
✔️ Bundle Size Analysis
Bundle breakdown |
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
LGTM — straightforward lockfile-only dependency bump with no bugs found.
Extended reasoning...
Overview
This PR updates @opencode-ai/sdk from 1.3.0 to 1.4.3 in pnpm-lock.yaml. The only other change is the addition of cross-spawn@7.0.6 as a new transitive dependency of the SDK. No application code is modified.
Security Risks
Minimal. cross-spawn is a well-known, widely-used utility for cross-platform child process spawning. No auth, crypto, or data-exposure concerns arise from this change.
Level of Scrutiny
Low. This is a routine Dependabot lockfile bump touching a single file. The version jump (1.3.0 → 1.4.3) is a minor/patch range, and the bug hunting system found no issues.
Other Factors
No prior reviews from me on this PR. No outstanding unresolved comments. The change is entirely mechanical and follows the project's existing dependency management pattern.
Bumps @opencode-ai/sdk from 1.3.0 to 1.4.3.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)