ci(nightly): re-pin bundle lfx deps to lfx-nightly during nightly build#13208
Merged
Conversation
The nightly pipeline renames the workspace `lfx` package to `lfx-nightly`
in `src/lfx/pyproject.toml` and the root workspace dep, but leaves each
`src/bundles/*/pyproject.toml`'s `"lfx>=X.Y,<Z"` pin unchanged. With the
workspace `lfx` gone and PyPI still on lfx 0.4.3, the create-nightly-tag
job's `uv lock` fails:
× No solution found when resolving dependencies for split [...]
╰─▶ Because only lfx<=0.4.3 is available and lfx-arxiv depends on
lfx>=0.5.0,<0.6.0, we can conclude that lfx-arxiv's requirements
are unsatisfiable.
`update_lfx_version.py` now also rewrites the `lfx` (or already-rewritten
`lfx-nightly`) specifier in every `src/bundles/*/pyproject.toml` to
`lfx-nightly==<dev version>`, mirroring how `update_lf_base_dependency`
re-pins the lfx dep inside `langflow-base`. The lookahead in the regex
prevents matching sibling packages like `lfx-arxiv` / `lfx-duckduckgo`.
No-op when no bundle pyprojects exist (e.g. on main today), so this is
safe to merge ahead of the bundle extraction landing on main. Restored
the guarded `git add src/bundles/*/pyproject.toml` step so the modified
bundle pyprojects ride the same commit/tag as the rest of the nightly
version bumps.
Cherry-pick to release-1.10.0 to unblock nightlies cut from that branch.
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
WalkthroughThe PR integrates bundle-level LFX dependency pinning into nightly builds. A Python utility now rewrites LFX dependency specifications in bundle ChangesNightly Bundle Dependency Synchronization
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Suggested labels
Important Pre-merge checks failedPlease resolve all errors before merging. Addressing warnings is optional. ❌ Failed checks (1 error, 1 warning)
✅ Passed checks (7 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #13208 +/- ##
==========================================
- Coverage 53.12% 53.06% -0.07%
==========================================
Files 2033 2033
Lines 184171 184171
Branches 26195 27723 +1528
==========================================
- Hits 97843 97725 -118
- Misses 85219 85337 +118
Partials 1109 1109
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
Contributor
Frontend Unit Test Coverage ReportCoverage Summary
Unit Test Results
|
erichare
added a commit
that referenced
this pull request
May 19, 2026
… (#13210) * ci: stop publishing -nightly bundle variants; release bundles on demand (#13206) Bundles (lfx-arxiv, lfx-duckduckgo) change infrequently enough that a nightly cadence is overkill. Drop the rename-to-`-nightly` and bundle publish lanes from the nightly pipeline and add a dedicated workflow_dispatch-only release_bundles.yml for purposeful releases. - nightly_build.yml: drop update_bundle_versions.py invocation and the src/bundles/*/pyproject.toml git-add guard. - release_nightly.yml: remove build-nightly-bundles and publish-nightly-bundles jobs; untether test-cross-platform and publish-nightly-main from them. - release_bundles.yml (new): build all src/bundles/* wheels, run a cross-OS install smoke test, then publish to PyPI under their stable names. Tolerates already-published versions so re-runs without a version bump are no-ops. release.yml still owns bundle publishing as part of main releases. Manual follow-up (PyPI admin): delete the lfx-arxiv-nightly and lfx-duckduckgo-nightly projects from PyPI. * ci(release_bundles): build lfx wheel locally for smoke test (#13207) The release_bundles.yml smoke test installs bundle wheels into a fresh venv, which makes uv resolve their `lfx>=X.Y,<Z` pin against PyPI. When bundles are released ahead of a matching lfx (typical case — bundles ship more often than lfx bumps land on PyPI), the resolve fails: Because only lfx<=0.4.3 is available and lfx-arxiv==0.1.0 depends on lfx>=0.5.0,<0.6.0, we can conclude that lfx-arxiv==0.1.0 cannot be used. Build the lfx wheel from the current ref in the build-bundles job and install it alongside the bundle wheels in the smoke test. The lfx wheel ships as a separate `dist-lfx-smoketest` artifact and is NOT included in the publish-bundles step — only the `dist-bundles` artifact gets pushed to PyPI. * ci(nightly): re-pin bundle lfx deps to lfx-nightly during nightly build (#13208) The nightly pipeline renames the workspace `lfx` package to `lfx-nightly` in `src/lfx/pyproject.toml` and the root workspace dep, but leaves each `src/bundles/*/pyproject.toml`'s `"lfx>=X.Y,<Z"` pin unchanged. With the workspace `lfx` gone and PyPI still on lfx 0.4.3, the create-nightly-tag job's `uv lock` fails: × No solution found when resolving dependencies for split [...] ╰─▶ Because only lfx<=0.4.3 is available and lfx-arxiv depends on lfx>=0.5.0,<0.6.0, we can conclude that lfx-arxiv's requirements are unsatisfiable. `update_lfx_version.py` now also rewrites the `lfx` (or already-rewritten `lfx-nightly`) specifier in every `src/bundles/*/pyproject.toml` to `lfx-nightly==<dev version>`, mirroring how `update_lf_base_dependency` re-pins the lfx dep inside `langflow-base`. The lookahead in the regex prevents matching sibling packages like `lfx-arxiv` / `lfx-duckduckgo`. No-op when no bundle pyprojects exist (e.g. on main today), so this is safe to merge ahead of the bundle extraction landing on main. Restored the guarded `git add src/bundles/*/pyproject.toml` step so the modified bundle pyprojects ride the same commit/tag as the rest of the nightly version bumps. Cherry-pick to release-1.10.0 to unblock nightlies cut from that branch.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
uv lockin the nightlycreate-nightly-tagjob fails on branches that ship bundle pyprojects (e.g.release-1.10.0):Same shape as #13207. Nightly renames the workspace
lfxpackage tolfx-nightlyand updates the workspace dep in the root pyproject, but eachsrc/bundles/*/pyproject.tomlstill pins"lfx>=0.5.0,<0.6.0"against the package name that no longer exists in the workspace — and PyPI only haslfx 0.4.3.What changed
scripts/ci/update_lfx_version.py— addedupdate_lfx_dep_in_bundles(lfx_version). Iteratessrc/bundles/*/pyproject.tomland rewrites any"lfx[<>=!~]..."or already-rewritten"lfx-nightly==..."spec to"lfx-nightly==<dev version>". A regex lookahead requires a version operator immediately after the package name, so sibling packages likelfx-arxiv/lfx-duckduckgoare not matched. Called fromupdate_lfx_for_nightlyafter the existing SDK rewrite..github/workflows/nightly_build.yml— restored the guardedgit add src/bundles/*/pyproject.tomlstep so the rewritten bundle pyprojects ride the same commit/tag as the other version bumps.No-op on branches without bundle pyprojects (e.g.
maintoday), so this is safe to merge ahead of the bundle extraction landing onmain.Verification
Inline regex tests covered:
"lfx>=0.5.0,<0.6.0""lfx-nightly==<v>""lfx-nightly==0.5.0.dev10""lfx-nightly==<v>"(idempotent re-runs)"lfx-arxiv>=0.1.0""lfx-duckduckgo>=0.1.0""defusedxml>=0.7.1,<1.0.0"Functional test against a fake workspace with three bundle pyprojects (one with
lfx>=..., one already onlfx-nightly==..., one with nolfxdep) confirmed the script rewrites only the first two and skips the third.Cherry-pick to
release-1.10.0to unblock nightlies cut from that branch.Summary by CodeRabbit