Skip to content

chore: add breaking API change detection#53

Merged
timonrieger merged 3 commits intomainfrom
check-breaking
Feb 4, 2026
Merged

chore: add breaking API change detection#53
timonrieger merged 3 commits intomainfrom
check-breaking

Conversation

@timonrieger
Copy link
Owner

@timonrieger timonrieger commented Feb 4, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features
    • Automated detection of breaking API changes when syncing updates.
    • Generated API changelog included in sync pull requests, presented in a collapsible section.
    • Pull request descriptions now display a clear "Breaking Changes?" indicator and the formatted changelog.
    • Sync PR header updated to include a linkified client message with the release tag.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Adds two OpenAPI comparison steps to the upstream sync GitHub Actions workflow: one to detect breaking changes and one to generate a changelog. The PR body is updated to include a breaking-changes indicator and a collapsible changelog section populated from the changelog step output.

Changes

Cohort / File(s) Summary
GitHub Actions workflow
\.github/workflows/upstream-sync.yml		 Adds two steps using oasdiff-action: breaking (checks for breaking API changes between stored_tag and tag_to_use, continues on error) and changelog (produces markdown changelog). Updates PR body to include "Breaking Changes?" line sourced from the breaking step outcome and a collapsible "Changelog" block populated with oasdiff_changelog.outputs.changelog. Retains existing commit, branch, client generation, and PR creation flow.

Sequence Diagram(s)

sequenceDiagram
    participant Workflow as "GitHub Actions\n(upstream-sync.yml)"
    participant OASDiffBreaking as "oasdiff-action/breaking"
    participant OASDiffChangelog as "oasdiff-action/changelog"
    participant GitHubAPI as "GitHub API\n(create PR)"
    participant Repo as "Repository\n(specs & tags)"

    Workflow->>Repo: read `stored_tag` and `tag_to_use` specs
    Workflow->>OASDiffBreaking: run breaking check (base=stored_tag, rev=tag_to_use)
    OASDiffBreaking-->>Workflow: outcome (ok|breaking) [continues on error]
    Workflow->>OASDiffChangelog: run changelog (base=stored_tag, rev=tag_to_use)
    OASDiffChangelog-->>Workflow: outputs.changelog (markdown)
    Workflow->>GitHubAPI: create/update PR with body including breaking indicator and collapsible changelog
    GitHubAPI-->>Repo: PR created/updated
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I nibbled specs under moonlight bright,
Found breaks and notes to set things right,
A changelog tucked in a cozy fold,
I hopped to PRs — the story told.
🥕✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title mentions breaking API change detection, but the changeset also adds changelog generation as a significant feature. The title is partially related but incomplete.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch check-breaking

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@timonrieger timonrieger changed the title chore: add API change detection and changelog generation to upstream sync workflow chore: add breaking API change detection Feb 4, 2026
@timonrieger timonrieger merged commit 2198575 into main Feb 4, 2026
8 of 10 checks passed
@timonrieger timonrieger deleted the check-breaking branch February 4, 2026 23:03
coderabbitai[bot]
coderabbitai bot reviewed Feb 4, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In @.github/workflows/upstream-sync.yml:
- Line 176: The current check uses steps.oasdiff_breaking.outcome == 'failure'
which can be true for non-breaking failures; change the condition to explicitly
verify the step's conclusion and/or its breaking output from the
oasdiff_breaking step (for example require steps.oasdiff_breaking.conclusion ==
'failure' AND steps.oasdiff_breaking.outputs.breaking == 'true', or just check
steps.oasdiff_breaking.outputs.breaking == 'true' if the action sets that),
and/or add a PR-body note when the check is true to prompt manual verification;
update the workflow expression referencing the oasdiff_breaking step
accordingly.
🧹 Nitpick comments (2)
.github/workflows/upstream-sync.yml (2)

87-87: Pin action to a specific SHA (same concern as above).

Same security recommendation applies here. Additionally, consider adding continue-on-error: true for resilience—if the changelog generation fails (e.g., network issues fetching the OpenAPI specs), the PR creation will be blocked entirely. You may want the sync PR to still be created with a note that changelog generation failed.

78-78: Pin oasdiff-action to a specific SHA for supply chain security.

Both usages of oasdiff-action (breaking at line 78 and changelog at line 87) are referenced as @main, which is inconsistent with other actions in this workflow that are pinned to specific commit SHAs (e.g., actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8). Using @main exposes the workflow to potential supply chain attacks if the upstream repository is compromised.

.github/workflows/upstream-sync.yml
Automatically generated sync to Immich ${{ steps.tag_to_use.outputs.tag }}.
Automatically generated client for [Immich ${{ steps.tag_to_use.outputs.tag }}](https://github.com/immich-app/immich/releases/tag/${{ steps.tag_to_use.outputs.tag }}).

**Breaking Changes?:** ${{ steps.oasdiff_breaking.outcome == 'failure' }}
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Potential false positive if the breaking check fails for non-breaking reasons.

The expression steps.oasdiff_breaking.outcome == 'failure' will evaluate to true if the step fails for any reason (network timeout, malformed spec, etc.), not just when actual breaking changes are detected. This could mislead reviewers.

Consider checking the step's conclusion alongside its outputs, or documenting in the PR body that a true value warrants manual verification.

🤖 Prompt for AI Agents 
In @.github/workflows/upstream-sync.yml at line 176, The current check uses
steps.oasdiff_breaking.outcome == 'failure' which can be true for non-breaking
failures; change the condition to explicitly verify the step's conclusion and/or
its breaking output from the oasdiff_breaking step (for example require
steps.oasdiff_breaking.conclusion == 'failure' AND
steps.oasdiff_breaking.outputs.breaking == 'true', or just check
steps.oasdiff_breaking.outputs.breaking == 'true' if the action sets that),
and/or add a PR-body note when the check is true to prompt manual verification;
update the workflow expression referencing the oasdiff_breaking step
accordingly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@timonrieger