BOT: Dart Dependency Updater

[jpeiffer]

PR created automatically

dependencies:

• pointycastle: 3.9.1 --> 4.0.0

dev_dependencies:

• flutter_lints: 5.0.0 --> 6.0.0
• test: 1.25.12 --> 1.29.0

Error!!!

Resolving dependencies...


Because template_expressions depends on encrypt ^5.0.3 which depends on pointycastle ^3.6.2, pointycastle ^3.6.2 is required.
So, because template_expressions depends on pointycastle ^4.0.0, version solving failed.


You can try the following suggestion to make the pubspec resolve:
* Consider downgrading your constraint on pointycastle: dart pub add pointycastle:^3.9.1

Summary by CodeRabbit

• Chores
  • Updated version to 3.3.1+3
  • Upgraded dependencies: pointycastle (v4.0.0), flutter_lints (v6.0.0), and test (v1.29.0)

[coderabbitai]

Walkthrough

Version bump to 3.3.1+3 with documentation of automated dependency updates and pubspec.yaml modifications. Changes include dependency upgrades (pointycastle, test, flutter_lints to major versions), version increment, and quote formatting standardization across the manifest file.

Changes

Cohort / File(s)	Summary
Documentation CHANGELOG.md	Added changelog entry for version 3.3.1+3 (February 10, 2026) documenting automated dependency updates.
Configuration pubspec.yaml	Version bumped from 3.3.1+2 to 3.3.1+3. Dependencies updated: pointycastle ^3.9.1 → ^4.0.0, flutter_lints ^5.0.0 → ^6.0.0, test ^1.25.12 → ^1.29.0. Quote formatting standardized to double-quotes throughout file.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'BOT: Dart Dependency Updater' is vague and generic. While it indicates automated dependency updates are involved, it lacks specificity about which dependencies were updated or the nature of the changes, making it unclear to someone scanning the history.	Consider a more specific title like 'Update Dart dependencies: pointycastle, flutter_lints, and test' to clearly indicate the main changes and affected packages.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dart_update_1770691579785

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@pubspec.yaml`:
- Line 20: The pubspec currently pins pointycastle: ^4.0.0 which conflicts with
encrypt: ^5.0.3; update dependencies so the solver can resolve: either revert
pointycastle to ^3.9.1 (change the pointycastle entry) or replace encrypt:
^5.0.3 with encrypt_next: ^5.0.5+ (change the encrypt dependency name and
version) and run pub get to verify resolution; ensure only one of these changes
is applied and confirm no other package pins pointycastle to an incompatible
range.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

Dart encrypt package 5.0.3 pointycastle dependency

💡 Result:

Web search failed: Server error: no LLM provider could handle the message

---

🌐 Web query:

Dart encrypt package latest version pointycastle 4.0.0 support

💡 Result:

• encrypt (original package) latest version: 5.0.3 (published ~2 years ago). [1]
• pointycastle 4.0.0: released 2025-02-12 and requires Dart SDK >= 3.2. [2][3]
• Does encrypt support pointycastle 4.0.0? Not in practice, because encrypt 5.0.3 targets Dart SDK >= 2.18 [1], while pointycastle 4.0.0 requires >= 3.2 [3]—so the constraints don’t line up.

If you need PointyCastle 4.x, use a maintained fork that targets modern Dart, e.g. encrypt_next (latest 5.0.5, Dart SDK >= 3.3). [4]

Sources:
[1] https://pub.dev/packages/encrypt/versions
[2] https://pub.dev/packages/pointycastle/changelog
[3] https://pub.dev/packages/pointycastle/versions
[4] https://pub.dev/packages/encrypt_next/versions

---

🏁 Script executed:

# Check if there's a CI logs or pubspec lock file that shows the error
git ls-files | grep -E "(\.github|pubspec\.lock|\.gitlab|\.circleci)" | head -20

Repository: peiffer-innovations/template_expressions

Length of output: 302

---

🏁 Script executed:

# Look for any CI configuration or logs
find . -type f -name "*.yml" -o -name "*.yaml" | grep -E "(workflow|pipeline|ci)" | head -10

Repository: peiffer-innovations/template_expressions

Length of output: 235

---

🏁 Script executed:

# Check the CI workflow that likely runs dependency resolution
cat -n .github/workflows/pull_request.yml

Repository: peiffer-innovations/template_expressions

Length of output: 460

---

🏁 Script executed:

# Check pubspec.yaml to see all the changes
cat -n pubspec.yaml

Repository: peiffer-innovations/template_expressions

Length of output: 2147

---

🏁 Script executed:

# Search for pointycastle dependency constraints in pubspec.yaml
rg "pointycastle|encrypt" pubspec.yaml -A 1 -B 1

Repository: peiffer-innovations/template_expressions

Length of output: 216

---

🌐 Web query:

encrypt 5.0.3 pointycastle version constraint dependency pubspec

💡 Result:

For encrypt: ^5.0.3, the compatible pointycastle line to pin/override in your pubspec.yaml is:

dependencies:
  encrypt: ^5.0.3
  pointycastle: ^3.7.3

If pointycastle is coming in transitively (and you can’t change the upstream constraint), add:

dependency_overrides:
  pointycastle: ^3.7.3

This pairing (encrypt: ^5.0.3 with pointycastle: ^3.7.3) is commonly used to satisfy version solving for projects on that encrypt release. [1]

Sources:
[1] https://libraries.io/pub/yxr_flutter_basic

---

🏁 Script executed:

# Check if there's a pubspec.lock file showing resolved versions
cat -n pubspec.lock | head -50

Repository: peiffer-innovations/template_expressions

Length of output: 128

---

🏁 Script executed:

# Look for any CI failure logs or recent PR context
git log --oneline -20

Repository: peiffer-innovations/template_expressions

Length of output: 124

---

pointycastle: ^4.0.0 is incompatible with encrypt: ^5.0.3 — dependency resolution will fail.

encrypt: ^5.0.3 (line 12) was published before pointycastle 4.0.0 existed and its transitive dependency on pointycastle 3.x creates an unsatisfiable constraint. While the project's Dart SDK target (3.0.0+) is technically compatible with both individually, the pub solver cannot resolve both constraints simultaneously.

Revert pointycastle to ^3.9.1, or alternatively upgrade to encrypt_next: ^5.0.5+ (a maintained fork that supports pointycastle 4.x with Dart SDK >= 3.3).

Suggested fix: revert pointycastle

-  pointycastle: "^4.0.0"
+  pointycastle: "^3.9.1"

🤖 Prompt for AI Agents

In `@pubspec.yaml` at line 20, The pubspec currently pins pointycastle: ^4.0.0
which conflicts with encrypt: ^5.0.3; update dependencies so the solver can
resolve: either revert pointycastle to ^3.9.1 (change the pointycastle entry) or
replace encrypt: ^5.0.3 with encrypt_next: ^5.0.5+ (change the encrypt
dependency name and version) and run pub get to verify resolution; ensure only
one of these changes is applied and confirm no other package pins pointycastle
to an incompatible range.