Automated version bump after PyPI release. Co-authored-by: openhands <openhands@all-hands.dev>
all-hands-bot
left a comment
🟡 Acceptable - But Verify Before Merge
Taste Rating: This is an automated dependency bump, which is fine, but it hides significant architectural changes in the transitive dependency tree.
KEY INSIGHT: This "routine" version bump adds 15+ new transitive dependencies and removes the entire openapi-core validation stack. Major version bumps in cyclopts (3→4) and fastmcp (2→3) could introduce breaking changes.
CRITICAL ISSUES:
- No Evidence: PR description lacks proof that this upgrade works (see inline comment)
- Major Version Bumps: Transitive dependencies have breaking-change-risk upgrades that need verification
VERDICT: ✅ Worth merging IF CI passes and manual smoke test confirms nothing broke. ❌ Do not merge without runtime verification.
See inline comments for details.
| dependencies = [ | ||
| "openhands-sdk==1.11.5", | ||
| "openhands-tools==1.11.5", | ||
| "openhands-sdk==1.13.1", |
🟠 Important - Major Version Bump Risk: These SDK updates pull in major version bumps of transitive dependencies:
- cyclopts: 3.23.1 → 4.9.0 (major version change)
- fastmcp: 2.12.2 → 3.1.0 (major version change)
- mcp: 1.13.1 → 1.26.0 (significant jump)
Major version changes can introduce breaking API changes. Have you verified that:
- All tests pass (`make test`, `make test-snapshots`, `make test-binary`)?
- The CLI still runs without errors (`uv run openhands --help`)?
- A basic conversation flow works end-to-end?
Also notable: This bump adds 15+ new transitive dependencies (redis, fakeredis, keyring, lupa, beartype, etc.) and removes the openapi-core validation stack. This is a significant architectural change in the SDK, not just a patch-level bump.
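Added example, not part of this PR or of the reviewer's comment: one way to produce the kind of summary the comment above gives (major bumps, added and removed transitive packages) from two resolved dependency sets. It assumes each set is available as `name==version` lines; the sample data is constructed, and `parse_pins`, `release_tuple` and `classify` are hypothetical helper names.

```python
import re

# Constructed sample pins. Versions for the openhands packages, cyclopts, fastmcp
# and mcp are those quoted in the review; 0.0.0 is a placeholder where the page
# gives no version.
BEFORE = "\n".join(["openhands-sdk==1.11.5", "openhands-tools==1.11.5",
                    "cyclopts==3.23.1", "fastmcp==2.12.2", "mcp==1.13.1",
                    "openapi-core==0.0.0"])
AFTER = "\n".join(["openhands-sdk==1.13.1", "openhands-tools==1.13.1",
                   "cyclopts==4.9.0", "fastmcp==3.1.0", "mcp==1.26.0",
                   "redis==0.0.0", "fakeredis==0.0.0", "keyring==0.0.0",
                   "lupa==0.0.0", "beartype==0.0.0"])

def parse_pins(text):
    """Map normalized package name -> version from 'name==version' lines."""
    pins = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if "==" not in line:
            continue
        name, version = line.split("==", 1)
        # PEP 503 normalization so 'openapi_core' and 'openapi-core' compare equal
        pins[re.sub(r"[-_.]+", "-", name.strip()).lower()] = version.strip()
    return pins

def release_tuple(version):
    """Leading numeric release segment as ints, trailing zeros stripped."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    parts = [int(p) for p in m.group(0).split(".")] if m else []
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def classify(before, after):
    """Bucket every difference between two pin sets for reviewer attention."""
    old, new = parse_pins(before), parse_pins(after)
    report = {"added": sorted(new.keys() - old.keys()),
              "removed": sorted(old.keys() - new.keys()),
              "major": [], "minor_or_patch": [], "downgraded": []}
    for name in sorted(old.keys() & new.keys()):
        if old[name] == new[name]:
            continue
        a, b = release_tuple(old[name]), release_tuple(new[name])
        bucket = ("downgraded" if b < a
                  else "major" if a[:1] != b[:1] else "minor_or_patch")
        report[bucket].append((name, old[name], new[name]))
    return report

if __name__ == "__main__":
    for bucket, items in classify(BEFORE, AFTER).items():
        print(f"{bucket}: {items}")
```
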
| "Programming Language :: Python :: 3.13", | ||
| ] | ||
| dependencies = [ | ||
| "openhands-sdk==1.11.5", | ||
| "openhands-tools==1.11.5", | ||
| "openhands-sdk==1.13.1", | ||
| "openhands-tools==1.13.1", |
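Review bot: In the `dependencies` list, `openhands-sdk` and `openhands-tools` are exact-pinned with `==`, but those pins constrain only the two packages themselves, not what their 1.13.1 releases require transitively, so the installed set is reproducible only if the lock file is regenerated in this same PR and CI installs from it. The pins also move from 1.11.5 straight to 1.13.1; link the upstream release notes covering everything between those two versions in the PR description so the change can be read against them.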
🟠 Important - Missing Evidence Section:
The PR description should include an Evidence section proving this upgrade works. For a dependency bump this significant, include:
## Evidence
### Test Results
- `make test` - ✅ All unit/integration tests pass
- `make test-snapshots` - ✅ No UI regressions
- `make test-binary` - ✅ PyInstaller build works
### Smoke Test
```bash
$ uv run openhands --help
[output showing CLI works]
$ uv run openhands
[screenshot or description of successful TUI startup]
```
Without evidence, we're trusting that an automated bump of packages with major version changes doesn't break anything. That's not pragmatic - it's gambling.
Automated Version Bump
This PR updates the following packages to version 1.13.1:
- openhands-sdk
- openhands-tools

Triggered by: Release of software-agent-sdk v1.13.1
This PR was automatically created by the version-bump-prs workflow.