Bump rowbot/url from 1.1.1 to 4.1.0#370
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
dj4oC
reviewed
Jul 8, 2026
dj4oC
left a comment
Contributor
There was a problem hiding this comment.
Dependabot PR (rowbot/url 1.1.1 → 4.1.0), auto-rebase disabled after >30 days open.
- Security: no findings — routine dev-dependency bump, no CVE indicated in the bump itself.
- Stability: no findings.
- Performance: no findings.
- Test coverage: n/a (dependency bump only).
- TODOs found: none.
- Dependency touched: yes — confirmed covered by
dependabot.yml(this PR is Dependabot's own output). - CI status: failing —
Commits / Validate semantic commits. All PHP Unit/Code Style jobs pass. This is very likely the same systemic cause seen across multiple ownCloud repos right now: Dependabot's default commit message (Bump X from Y to Z) doesn't satisfy this repo's conventional-commit lint rule, so every Dependabot PR here fails that one check regardless of the bump's safety. Fix belongs at the repo config level — either set acommit-message.prefixindependabot.yml(e.g.chore(deps)) so generated commits pass the lint, or add a lint-config exception fordependabot[bot]-authored commits. Not something to patch on this individual PR branch. - Stale review: no (no named human reviewer requested).
Verdict
Commenting — not approving while CI is red; the fix needed is a one-time repo config change (see above), not a per-PR change.
🤖 Automated review by Claude Code (security · stability · performance · coverage)
Generated by Claude Code
dj4oC
approved these changes
Jul 9, 2026
dj4oC
left a comment
Contributor
There was a problem hiding this comment.
- Security: no findings
- Stability: no findings — routine composer patch bump, no breaking change
- Performance: no findings
- Test coverage: N/A (dependency bump only)
- TODOs found: none
- Dependency touched: yes — confirmed covered by dependabot.yml (composer ecosystem)
- CI status: all green
- Stale review: no
Dependabot fast-lane: CI green, no open questions, no CVE regression. Auto-merging per policy.
Generated by Claude Code
Member
|
@dependabot rebase |
Bumps [rowbot/url](https://github.com/TRowbotham/URL-Parser) from 1.1.1 to 4.1.0. - [Release notes](https://github.com/TRowbotham/URL-Parser/releases) - [Changelog](https://github.com/TRowbotham/URL-Parser/blob/master/CHANGELOG.md) - [Commits](TRowbotham/URL-Parser@1.1.1...4.1.0) --- updated-dependencies: - dependency-name: rowbot/url dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
beed938 to
173665f
Compare
Member
|
Holding: CI is failing (not a rebase conflict). Failing check(s): Commits / Validate semantic commits, lint. A rebase won't fix this — needs a human/upstream fix. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps rowbot/url from 1.1.1 to 4.1.0.
Release notes
Sourced from rowbot/url's releases.
... (truncated)
Changelog
Sourced from rowbot/url's changelog.
... (truncated)
Commits
3087a67Prepare 4.1.0 release1931bb6Fix tests7b1697fSync tests with changes in the WPTe5aaf70Bump rowbot/idna version07b9606Bump codecov action12b2a29Document URL::parse()b18f073Fix condition for installing dependencies5e0d0f7Test on PHP 8.4d7f106cRevert "Downgrade ubuntu to avoid broken runner"81cfac1Downgrade ubuntu to avoid broken runner