Skip to content

chore(deps): autoupdate 2026-06-22#48

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependencies/auto-2026-06-22
Jun 22, 2026
Merged

chore(deps): autoupdate 2026-06-22#48
github-actions[bot] merged 1 commit into
mainfrom
dependencies/auto-2026-06-22

Conversation

@vzakharchenko

@vzakharchenko vzakharchenko commented Jun 22, 2026

Copy link
Copy Markdown
Member

Automated dependency update produced by .github/workflows/autoupdate.yml via scripts/update-dependencies.sh. Will auto-merge once required checks pass (see .github/workflows/automerge.yml).

Summary by CodeRabbit

  • Chores
    • Updated a key framework dependency to the latest major version in the sample application.

@vzakharchenko vzakharchenko added the dependencies_updated Automated dependency updates label Jun 22, 2026
@github-actions github-actions Bot enabled auto-merge June 22, 2026 20:52
@coderabbitai

coderabbitai Bot commented Jun 22, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

The @forge/bridge dependency in the sample app's frontend package.json is upgraded from ^5.17.0 to ^6.0.0. No other files or dependencies are modified.

Changes

@forge/bridge Major Version Bump

Layer / File(s) Summary
@forge/bridge version bump
examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json
@forge/bridge version constraint changed from ^5.17.0 to ^6.0.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

Poem

🐇 A bunny hops in, version in paw,
Swaps five for six without a flaw.
@forge/bridge now leaps up high,
One line changed — oh my, oh my!
The carrot of progress tastes just right. 🥕

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name Status Explanation Resolution
Description check ⚠️ Warning The PR description is minimal and lacks most required template sections (Summary, Type of change, Modules touched, Breaking change, How tested, Checklist), though it explains the automated nature of the update. Fill in the required template sections, particularly documenting the breaking change (v5.17.0 to v6.0.0), testing steps, and confirming which modules were touched.
Title check ❓ Inconclusive The title 'chore(deps): autoupdate 2026-06-22' is vague and generic, using a date-based description rather than clearly summarizing the main change (updating @forge/bridge to v6.0.0). Consider a more descriptive title like 'chore(deps): upgrade @forge/bridge to v6.0.0' to better communicate the specific dependency update.
✅ Passed checks (3 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependencies/auto-2026-06-22

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@sonarqubecloud

Copy link
Copy Markdown

@qltysh

qltysh Bot commented Jun 22, 2026

Copy link
Copy Markdown

Qlty


Coverage Impact

This PR will not change total coverage.

🚦 See full report on Qlty Cloud »

🛟 Help
  • Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

  • Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

  • File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

    • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json`:
- Line 17: The `@forge/bridge` dependency version ^6.0.0 specified in the
package.json does not exist on npm, which will cause installation to fail.
Update the version from ^6.0.0 to 5.17.0 (the current available version on npm),
verify the version exists in the official npm registry, and test the updated
dependency against the invokeRemote and invokeService API calls used in forge.ts
and container.ts to ensure compatibility.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8305492e-8549-4ff9-8ec7-40a900b15b6d

📥 Commits

Reviewing files that changed from the base of the PR and between 619eda7 and 41aec27.

⛔ Files ignored due to path filters (1)
  • examples/atlassian-connect-forge-spring-boot-sample/frontend/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json

},
"dependencies": {
"@forge/bridge": "^5.17.0",
"@forge/bridge": "^6.0.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== package.json dependency line =="
rg -n '"`@forge/bridge`"\s*:' examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json

echo
echo "== lockfile resolved version =="
rg -n '"`@forge/bridge`"|\"version\": \"6\.0\.0\"|\"resolved\": \"https://registry\.npmjs\.org/@forge/bridge/-/bridge-6\.0\.0\.tgz\"' \
  examples/atlassian-connect-forge-spring-boot-sample/frontend/package-lock.json -C2

echo
echo "== frontend imports from `@forge/bridge` =="
rg -n --type=ts --type=tsx --type=js --type=jsx --type=mjs --type=cjs \
  'from\s+["'\'']`@forge/bridge`["'\'']|require\(\s*["'\'']`@forge/bridge`["'\'']\s*\)' \
  examples/atlassian-connect-forge-spring-boot-sample/frontend -C2 || true

echo
echo "== symbol-level usage candidates =="
rg -n --type=ts --type=tsx --type=js --type=jsx \
  '\b(invoke|view|requestJira|requestConfluence|router|events|showFlag|modal|theme)\b' \
  examples/atlassian-connect-forge-spring-boot-sample/frontend -C1 || true

Repository: forge-sql-orm/atlassian-runtime-bridge

Length of output: 408


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== package.json dependency line =="
rg -n '`@forge/bridge`' examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json

echo
echo "== lockfile version info =="
rg -n '`@forge/bridge`' examples/atlassian-connect-forge-spring-boot-sample/frontend/package-lock.json -A 2 -B 1 | head -50

echo
echo "== frontend imports from `@forge/bridge` =="
rg -n 'from.*`@forge/bridge`|require.*`@forge/bridge`' examples/atlassian-connect-forge-spring-boot-sample/frontend --type=ts --type=tsx --type=js --type=jsx || echo "(no direct imports found)"

echo
echo "== frontend source files =="
find examples/atlassian-connect-forge-spring-boot-sample/frontend -type f \( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" \) | grep -v node_modules | head -20

Repository: forge-sql-orm/atlassian-runtime-bridge

Length of output: 2533


🌐 Web query:

@forge/bridge v6.0.0 release notes breaking changes migration

💡 Result:

I can’t find any official Atlassian Forge source that describes “@forge/bridge v6.0.0” or “@forge/bridge v6.0.0 release notes / breaking changes / migration”. In the official Forge ecosystem, the bridge package historically jumped major versions without a dedicated per-major “v6.0.0” migration guide being discoverable from the official docs. For example, Atlassian’s Forge changelog page is the source of truth, but it doesn’t surface a specific “bridge v6.0.0 breaking changes migration” artifact in the results I found [1]. What I did find (and what’s likely the source of the confusion): 1) The value “v6.0.0” in your query resolves to a completely unrelated project (electron/forge), not the Atlassian @forge/bridge package, because electron/forge has a “v6.0.0” release page with breaking-change text [2]. 2) Community discussion indicates that Atlassian sometimes records breaking changes for @forge/bridge major bumps as scattered entries across the main Forge changelog rather than a dedicated migration page per major version [3]. 3) The official @forge/bridge docs explain how to use @forge/bridge generally, but not a “v6.0.0” migration [4]. Next steps (fast way to get the real answer): - Confirm the package/version you mean: a) Atlassian Forge package: @forge/bridge (please provide the exact version string you’re targeting and whether it’s 4.x→5.x, 5.x→6.x, etc.). b) If you really meant “forge” tooling: electron/forge (it has a v6.0.0 release with breaking changes, but that’s not @forge/bridge) [2]. - If you confirm the exact @forge/bridge version, I can re-run the search specifically for that version’s changelog/CHANGELOG.md entry inside the @forge/bridge package or the matching Forge changelog entries [1]. If you reply with the exact version you’re migrating FROM and TO (e.g., “@forge/bridge 5.1.0 -> 6.0.0”), I’ll produce a precise, source-backed list of breaking changes and a concrete migration checklist.

Citations:


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Check all imports/requires in frontend code =="
rg -n "^import|^export|require\(" examples/atlassian-connect-forge-spring-boot-sample/frontend/src --type=ts -A 1 | head -100

echo
echo "== Check for `@forge` references anywhere =="
rg -n "`@forge`" examples/atlassian-connect-forge-spring-boot-sample/frontend/src --type=ts || echo "(no `@forge` references found)"

echo
echo "== Check package.json to understand if `@forge/bridge` is direct or transitive =="
cat examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json | grep -A 10 '"dependencies"'

Repository: forge-sql-orm/atlassian-runtime-bridge

Length of output: 8644


🌐 Web query:

@forge/bridge npm package what is it used for Atlassian

💡 Result:

The @forge/bridge npm package is a JavaScript API provided by Atlassian that enables Forge apps—specifically those built using UI Kit or Custom UI—to interact securely with the Atlassian platform from the frontend [1][2]. Key functions of the package include: - Communicating with Backend Resolvers: It provides the invoke method, which allows the frontend to call backend functions (resolvers) hosted on the Atlassian platform [3][4]. - Making API Requests: It includes methods like requestConfluence that allow apps to call Atlassian REST APIs directly from the frontend [5]. - Integrating with Remote Backends: It offers the invokeRemote method, which enables apps to perform requests to external, remote backends hosted outside of the Atlassian platform [6]. Essentially, @forge/bridge acts as the secure communication bridge between the client-side user interface of an app and the server-side logic or external services [1][3]. Developers typically import it into their frontend code (e.g., App.js) to trigger these actions [1][2][3]. Note: For specific Jira UI interactions, developers may also use the related @forge/jira-bridge package [7].

Citations:


🌐 Web query:

@forge/bridge v6.0.0 invokeRemote invokeService breaking changes

💡 Result:

As of June 22, 2026, there is no public record of a v6.0.0 release for the @forge/bridge package [1][2]. Recent major version updates for the @forge/bridge package have followed a different versioning path. For instance, developers have observed version shifts such as 4.5.2 to 5.1.0 [1]. Official Atlassian documentation continues to reference invokeRemote and invokeService under the standard @forge/bridge API patterns [3][4][5], with no indicated breaking changes attributed to a v6.0.0 release [1]. It is possible that confusion has arisen from other tools in the ecosystem—such as electron/forge, which has a well-documented v6.0.0 release [6]—or from speculative versioning. If you are encountering issues, ensure you are referencing the official Atlassian documentation for the current API signatures: 1. invokeRemote: Used for proxying requests through the Forge platform. It accepts an input object with path, method, headers, and body [3][4]. 2. invokeService: Used for invoking container services, with distinct import sources depending on whether it is called from the frontend (@forge/bridge) or the backend (@forge/api) [5]. For definitive information on package changes, always consult the CHANGELOG.md file located directly within your local node_modules/@forge/bridge directory or the official Atlassian Developer changelog [1].

Citations:


🌐 Web query:

site:npmjs.com @forge/bridge versions 6.0.0 changelog

💡 Result:

As of June 22, 2026, version 6.0.0 of the @forge/bridge package does not exist [1]. The current version of @forge/bridge on npm is 5.17.0, which was published on June 11, 2026 [1]. There is no publicly available changelog for a 6.0.0 release because that version has not been published [1]. Official release information and changelogs for Forge packages can be tracked through the Atlassian Forge developer changelog page at https://developer.atlassian.com/platform/forge/changelog/ [1].

Citations:


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Inspect forge.ts usage of invokeRemote =="
rg -n "invokeRemote" examples/atlassian-connect-forge-spring-boot-sample/frontend/src/main/resources/javascript/forge.ts -B 2 -A 5

echo
echo "== Inspect container.ts usage of invokeService =="
rg -n "invokeService" examples/atlassian-connect-forge-spring-boot-sample/frontend/src/main/resources/javascript/container.ts -B 2 -A 5

Repository: forge-sql-orm/atlassian-runtime-bridge

Length of output: 1118


@forge/bridge v6.0.0 does not exist on npm; current version is 5.17.0.

This dependency bump would fail at install time. Verify the intended version against the official npm registry and the Atlassian Forge changelog. The code uses invokeRemote and invokeService APIs (in forge.ts and container.ts), so any version update should be tested against those call sites.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/atlassian-connect-forge-spring-boot-sample/frontend/package.json` at
line 17, The `@forge/bridge` dependency version ^6.0.0 specified in the
package.json does not exist on npm, which will cause installation to fail.
Update the version from ^6.0.0 to 5.17.0 (the current available version on npm),
verify the version exists in the official npm registry, and test the updated
dependency against the invokeRemote and invokeService API calls used in forge.ts
and container.ts to ensure compatibility.

@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@github-actions github-actions Bot merged commit 10d39f6 into main Jun 22, 2026
13 checks passed
@vzakharchenko vzakharchenko deleted the dependencies/auto-2026-06-22 branch June 23, 2026 03:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies_updated Automated dependency updates

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant