Conversation
…hanced testing capabilities
…to use filter for improved dependency management
…esting, and improved Playwright caching
…ance in error handling and functional programming
…d discoverability and SEO
…e `resultfy()` for improved readability and best practices
…iseLike objects with improved type guard and test coverage
…olution and maintainability
… for improved compatibility
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| # Validate semantic versioning format | ||
| if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?(\+[a-zA-Z0-9.]+)?$ ]]; then | ||
| echo "Error: Tag must follow semantic versioning (e.g., v1.0.0)" | ||
| exit 1 |
There was a problem hiding this comment.
Semver validation rejects valid prerelease tags
Medium Severity
The tag regex in publish.yml does not allow - inside prerelease or build identifiers, so valid SemVer tags like v1.2.3-beta-1 fail validation. This makes Validate tag format reject legitimate release tags and blocks publishing.
| run: pnpm --filter tryless lint | ||
| - name: Get Playwright version | ||
| id: playwright-version | ||
| run: echo "version=$(pnpm --filter tryless list @playwright/test --depth=0 --json | jq -r '.[0].version')" >> $GITHUB_OUTPUT |
There was a problem hiding this comment.
Playwright cache key uses wrong dependency
Medium Severity
The cache key reads @playwright/test version, but package/package.json depends on playwright instead. This makes steps.playwright-version.outputs.version resolve to null, so the browser cache key is not tied to the actual Playwright runtime version.
Additional Locations (1)
| ): any { | ||
| const error = fnError ?? UnknownError; | ||
| if (fn instanceof Promise) { | ||
| if (isThenable(fn)) { |
There was a problem hiding this comment.
Direct thenables can still throw synchronously
Low Severity
When resultfy receives a direct thenable, it calls fn.then(...) outside any try/catch. If that then implementation throws synchronously, resultfy throws instead of returning an Err, which breaks the “always return result” behavior for PromiseLike inputs.
…ting output extensions and configuration
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| try { | ||
| const result = (fn as (...args: any[]) => any)(...args); | ||
| if (result instanceof Promise) { | ||
| if (isThenable(result)) { |
There was a problem hiding this comment.
Resultfy typings mismatch thenable runtime behavior
Medium Severity
resultfy now treats any thenable via isThenable, but its overloads still model only Promise. Calls like resultfy(promiseLike) remain incorrectly typed, and functions returning PromiseLike are typed as synchronous Ok while runtime returns a Promise. This breaks resultfy’s TypeScript contract and can cause incorrect consumer control flow.
Additional Locations (2)
1 participant
📝 Description
🎯 Type of Change
🔗 Related Issue
Fixes #(issue number)
🧪 Testing
Test Configuration:
📋 Checklist
💻 Code Changes
Added
Changed
Removed
📸 Screenshots / Examples
// Example usage of new feature/fix🤔 Additional Notes
📚 Documentation
Thank you for contributing to Tryless! 🎉
Note
Medium Risk
Medium risk because it changes the package’s ESM entrypoints (
.mjs/exports) and adjustsresultfy()promise detection to treat any thenable as async, which can affect consumer bundling/runtime behavior and edge-case values.Overview
CI/CD hardening and speedups. CI is split into parallel
lintandtypecheckjobs gating a multi-Node (20/22) test matrix, with Playwright browser caching, failure artifact upload, and a finalci-successaggregator for branch protection.Safer publishing. The publish workflow now validates semver tag format, enforces tag/version match with
package/package.json, requires a matchingCHANGELOG.mdentry, runs typecheck, caches/installs Playwright browsers, and verifies package contents beforenpm publish.ESM + API improvements. The package switches ESM output from
dist/index.esm.jstodist/index.mjs(Rollup +package.jsonmodule/exportsupdates) and updates e2e imports accordingly;resultfy()now detects thenables via a newisThenableguard (instead ofinstanceof Promise) and adds tests for PromiseLike/proxy promises. Documentation/metadata are updated (README examples favorresultfy, changelog entries added, version bumped to1.5.8, keywords/description refreshed).Written by Cursor Bugbot for commit 60164aa. This will update automatically on new commits. Configure here.