Fix Tauri Rust crate / npm package version mismatch#70
Draft
RemcoDewlde with Copilot wants to merge 4 commits into
Draft
Fix Tauri Rust crate / npm package version mismatch#70RemcoDewlde with Copilot wants to merge 4 commits into
RemcoDewlde with Copilot wants to merge 4 commits into
Conversation
Co-authored-by: RemcoDewlde <23398387+RemcoDewlde@users.noreply.github.com>
…lnerability Co-authored-by: RemcoDewlde <23398387+RemcoDewlde@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Update CI/CD pipeline for feature branches and PRs
CI/CD feature branch support, package upgrades to latest, and vuln remediation (v0.3.0)
Mar 15, 2026
There was a problem hiding this comment.
Pull request overview
Updates the project’s release pipeline and PR validation while upgrading frontend/Tauri dependencies and bumping the app version to 0.3.0 to address known vulnerabilities and improve CI coverage.
Changes:
- Added a new PR validation workflow that type-checks, builds the frontend, and builds the Tauri app on Ubuntu.
- Upgraded GitHub Actions usage in the release workflow, added caching, and switched installs to
npm ci. - Upgraded npm packages (incl. Tauri/React/TS), removed
npmas a runtime dependency, and synced version to0.3.0.
Reviewed changes
Copilot reviewed 6 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
src-tauri/tauri.conf.json |
Bumps Tauri app version to 0.3.0. |
src-tauri/Cargo.toml |
Bumps Rust crate version to 0.3.0. |
package.json |
Bumps app version and upgrades/removes dependencies. |
package-lock.json |
Regenerates lockfile for upgraded deps and removed npm. |
README.md |
Updates badges/versions and adds PR check badge. |
.github/workflows/publish_and_release.yml |
Adds manual dispatch, action upgrades, caching, and npm ci. |
.github/workflows/pr_check.yml |
New PR workflow for type-check + builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+107
to
110
| uses: actions/github-script@v7 | ||
| env: | ||
| release_id: ${{ needs.create-release.outputs.release_id }} | ||
| with: |
| "dom-to-image-more": "^3.7.2", | ||
| "framer-motion": "^11.18.2", | ||
| "get-nonce": "^1.0.1", | ||
| "install": "^0.13.0", |
Comment on lines
+64
to
+68
| "prettier": "^3.8.1", | ||
| "prettier-plugin-tailwindcss": "^0.7.2", | ||
| "tailwindcss": "^3.4.19", | ||
| "typescript": "^5.9.3", | ||
| "vite": "6.4.1" |
| node-version: lts/* | ||
| cache: 'npm' | ||
| - name: get version | ||
| run: echo "PACKAGE_VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_ENV |
Co-authored-by: RemcoDewlde <23398387+RemcoDewlde@users.noreply.github.com>
Copilot
AI
changed the title
CI/CD feature branch support, package upgrades to latest, and vuln remediation (v0.3.0)
Fix Tauri Rust crate / npm package version mismatch
Mar 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Tauri npm packages were updated to
2.10.x/2.4.xbutCargo.tomlkept loose"2"version constraints, leavingCargo.lockpinned to old crate versions (e.g.tauri = "2.1.1"). Tauri CLI enforces matching major.minor between Rust crates and JS packages, causing the build to abort.Changes
src-tauri/Cargo.toml— Pinned each crate to the minor version matching its npm counterpart:tauri"2""2.10"@tauri-apps/api ^2.10.1tauri-build"2""2.5"tauri-plugin-fs"2""2.4"@tauri-apps/plugin-fs ^2.4.5tauri-plugin-store"2""2.4"@tauri-apps/plugin-store ^2.4.2tauri-plugin-updater"2""2.10"@tauri-apps/plugin-updater ^2.10.0src-tauri/Cargo.lock— Refreshed viacargo update; crates now resolve totauri 2.10.3,tauri-plugin-fs 2.4.5,tauri-plugin-store 2.4.2,tauri-plugin-updater 2.10.0.📍 Connect Copilot coding agent with Jira, Azure Boards or Linear to delegate work to Copilot in one click without leaving your project management tool.