Draft
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
evan-masseau
added a commit
that referenced
this pull request
Apr 10, 2026
The usage() function now accepts an exit code parameter, defaulting to 0 for help output. Invalid options now exit with code 1 to properly signal CI/CD pipeline failures on misconfiguration. Fixes: Cursor Bugbot report on #339 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit d16eab9. Configure here.
Wiz Scan Summary
To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension. |
ab1470
pushed a commit
that referenced
this pull request
Apr 21, 2026
The usage() function now accepts an exit code parameter, defaulting to 0 for help output. Invalid options now exit with code 1 to properly signal CI/CD pipeline failures on misconfiguration. Fixes: Cursor Bugbot report on #339 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Also updates bump-version.sh to accept CLI arguments (-v, -a, -s, --skip-native, --skip-install) so it can run non-interactively. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The usage() function now accepts an exit code parameter, defaulting to 0 for help output. Invalid options now exit with code 1 to properly signal CI/CD pipeline failures on misconfiguration. Fixes: Cursor Bugbot report on #339 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add require_arg helper that rejects missing or flag-like values passed to -v, -a, and -s options. Prevents silent corruption of version files when e.g. `./bump-version.sh -v --skip-native` is run. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: Add form lifecycle event bridge for in-app forms (#334) * fix: batch dependabot security updates for transitive deps (#335) fix: batch security updates for transitive dependencies Consolidates 6 dependabot security PRs into a single lockfile update: - handlebars 4.7.8→4.7.9 (8 security advisories) - picomatch 2.3.1→2.3.2 (CVE-2026-33671, CVE-2026-33672) - fast-xml-parser 4.5.3→4.5.5 (prototype pollution, entity expansion) - flatted 3.3.3→3.4.2 (CWE-1321) - tar 7.5.7→7.5.11 (symlink escape via drive-relative paths) - basic-ftp 5.1.0→5.2.0 (skip invalid filenames) All are transitive dependencies (lockfile-only, no source changes). Closes #331, closes #330, closes #328, closes #325, closes #322, closes #316 Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * feat: add form lifecycle event bridge for in-app forms Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * chore: configure native SDK deps for form lifecycle hooks testing Android SDK: 0a48d79980dc3f276422cf9c42ff145eb39f364a iOS SDK branch: feat/form-lifecycle-hooks Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: unregister native lifecycle handler during re-registration When registerFormLifecycleHandler is called again without explicit cleanup, the re-registration path now tears down the native handler before re-registering, matching the cleanup function's behavior. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: clear native mock between lifecycle tests to match re-registration behavior The unregister test was failing because prior tests left the native unregisterFormLifecycleHandler mock dirty — the re-registration path now calls native unregister, so the mock accumulates calls across tests. Also added assertion that re-registration calls native unregister. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(forms): validate required bridge message fields (MAGE-484) (#340) * fix(forms): throw on missing required fields in bridge message parsing Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: correct JSDoc and add integration tests for lifecycle event parsing Fix JSDoc that said "logs a warning" when the code actually uses console.error. Add integration tests to index.test.tsx verifying that parseFormLifecycleEvent is correctly wired into the native event listener (invalid events filtered, valid events forwarded, deepLinkUrl defaults). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(forms): validate deepLinkUrl as required on CTA events, normalize log level to warn Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(forms): allow empty buttonLabel on CTA events A CTA button with no text label is still a valid click event. Only formId and formName require non-empty strings. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs(forms): remove internal implementation details from public API docs Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(forms): default buttonLabel to empty string instead of rejecting Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…nt-available (#333) * feat(example/ios): differentiate pure silent push from standard push with content-available didReceiveRemoteNotification fires for both pure silent pushes and standard pushes with content-available. Add the delegate method with differentiation: only pure silent pushes (no aps.alert) are forwarded to PushNotificationsHelper.handleSilentPush for background processing. Standard pushes with content-available are left to willPresent/didReceive. Shows a debug alert when isDebug=YES, consistent with existing pattern. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * chore: add NSLog for content-avail push
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Also updates bump-version.sh to accept CLI arguments (-v, -a, -s, --skip-native, --skip-install) so it can run non-interactively.
Description
Due Diligence
Release/Versioning Considerations
PatchContains internal changes or backwards-compatible bug fixes.MinorContains changes to the public API.MajorContains breaking changes.Changelog / Code Overview
Test Plan
Related Issues/Tickets