Skip to content

fix!: Shift our prior breaking change to gracefully leverage our UCP transition schema#196

Merged
drewolson-google merged 2 commits intomainfrom
raginpirate/transition_fulfillment_id_to_optional
Feb 25, 2026
Merged

fix!: Shift our prior breaking change to gracefully leverage our UCP transition schema#196
drewolson-google merged 2 commits intomainfrom
raginpirate/transition_fulfillment_id_to_optional

Conversation

@raginpirate
Copy link
Contributor

@raginpirate raginpirate commented Feb 20, 2026

Description

A quick fix to leverage the new ucp transition schema introduced by Universal-Commerce-Protocol/ucp-schema#6 for the accidentally breaking schema diff merged in #143

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • Breaking change (fix or feature that would cause existing
    functionality to not work as expected, including removal of schema files
    or fields    )

Is this a Breaking Change or Removal?

If you checked "Breaking change" above, or if you are removing any schema
files or fields:

  • I have added ! to my PR title (e.g., feat!: remove field).
  • I have added justification below.
## Breaking Changes / Removal Justification

This corrects the breaking change accidentally introduced in https://github.com/Universal-Commerce-Protocol/ucp/pull/143
Marking this fix as breaking as well since we're swinging back to the right state, in a technically re-breaking way.

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@raginpirate raginpirate self-assigned this Feb 20, 2026
@raginpirate raginpirate requested a review from a team February 20, 2026 16:54
@github-actions
Copy link
Contributor

github-actions bot commented Feb 20, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
JSON Pass ✅
PRE_COMMIT Pass ✅
TRIVY Fail ❌

Super-linter detected linting errors

For more information, see the
GitHub Actions workflow run

Powered by Super-linter

TRIVY 

Report Summary

┌───────────────────┬──────┬─────────────────┬───────────────────┬─────────┐
│      Target       │ Type │ Vulnerabilities │ Misconfigurations │ Secrets │
├───────────────────┼──────┼─────────────────┼───────────────────┼─────────┤
│ package-lock.json │ npm  │        1        │         -         │    -    │
├───────────────────┼──────┼─────────────────┼───────────────────┼─────────┤
│ uv.lock           │  uv  │        0        │         -         │    -    │
└───────────────────┴──────┴─────────────────┴───────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.69/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


package-lock.json (npm)
=======================
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

┌───────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐
│  Library  │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                       Title                       │
├───────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────┤
│ minimatch │ CVE-2026-26996 │ HIGH     │ fixed  │ 3.1.2             │ 10.2.1        │ minimatch has a ReDoS via repeated wildcards with │
│           │                │          │        │                   │               │ non-matching literal in pattern...                │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2026-26996        │
└───────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘

@raginpirate raginpirate force-pushed the raginpirate/transition_fulfillment_id_to_optional branch from 1738e95 to 418e51e Compare February 20, 2026 23:56
@raginpirate raginpirate requested a review from a team as a code owner February 20, 2026 23:56
@github-actions
Copy link
Contributor

github-actions bot commented Feb 20, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
JSON Pass ✅
PRE_COMMIT Pass ✅
TRIVY Pass ✅

All files and directories linted successfully

For more information, see the
GitHub Actions workflow run

Powered by Super-linter

@raginpirate raginpirate force-pushed the raginpirate/transition_fulfillment_id_to_optional branch from 418e51e to 2618274 Compare February 23, 2026 12:42
@github-actions
Copy link
Contributor

github-actions bot commented Feb 23, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
JSON Pass ✅
PRE_COMMIT Pass ✅
TRIVY Pass ✅

All files and directories linted successfully

For more information, see the
GitHub Actions workflow run

Powered by Super-linter

@wry-ry wry-ry force-pushed the raginpirate/transition_fulfillment_id_to_optional branch from 2618274 to 5827f2d Compare February 24, 2026 06:43
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
JSON Pass ✅
PRE_COMMIT Pass ✅
TRIVY Pass ✅

All files and directories linted successfully

For more information, see the
GitHub Actions workflow run

Powered by Super-linter

@igrigorik igrigorik added the TC review Ready for TC review label Feb 25, 2026
@igrigorik igrigorik added this to the Working Draft milestone Feb 25, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 25, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
JSON Pass ✅
PRE_COMMIT Pass ✅
TRIVY Pass ✅

All files and directories linted successfully

For more information, see the
GitHub Actions workflow run

Powered by Super-linter

@drewolson-google drewolson-google merged commit bdbebfa into main Feb 25, 2026
11 checks passed
@drewolson-google drewolson-google deleted the raginpirate/transition_fulfillment_id_to_optional branch February 25, 2026 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@igrigorik igrigorik igrigorik approved these changes

@drewolson-google drewolson-google drewolson-google approved these changes

Assignees

@raginpirate raginpirate

Labels

TC review Ready for TC review

Projects

None yet

Milestone

Working Draft

Development

Successfully merging this pull request may close these issues.

3 participants

@raginpirate @igrigorik @drewolson-google