Chore: Speed-up deployments in tests by Meldiron · Pull Request #11539 · appwrite/appwrite

Meldiron · 2026-03-13T16:05:17Z

What does this PR do?

(Provide a description of what this PR does and why it's needed.)

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Screenshots may also be helpful.)

Related PRs and Issues

(Related PR or issue)

Checklist

Have you read the Contributing Guidelines on issues?
If the PR includes a change to an API's metadata (desc, label, params, etc.), does it also include updated API specs and example docs?

coderabbitai · 2026-03-13T16:05:38Z

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 1bdae362-1656-4c49-99b2-99b644205073

📥 Commits

Reviewing files that changed from the base of the PR and between b028b31 and 7e6db9a.

⛔ Files ignored due to path filters (3)

composer.lock is excluded by !**/*.lock
package-lock.json is excluded by !**/package-lock.json
tests/resources/sites/astro-static/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (4)

tests/e2e/Services/Functions/FunctionsCustomServerTest.php
tests/e2e/Services/Sites/SitesCustomServerTest.php
tests/resources/functions/.gitignore
tests/resources/sites/.gitignore

🚧 Files skipped from review as they are similar to previous changes (2)

tests/resources/functions/.gitignore
tests/e2e/Services/Sites/SitesCustomServerTest.php

📝 Walkthrough

Walkthrough

The pull request replaces npm install with npm ci in e2e tests and adds node_modules/ to two test resources .gitignore files. In tests/e2e/Services/Functions/FunctionsCustomServerTest.php a single setup command is changed from bash setup.sh && npm install to bash setup.sh && npm ci. In tests/e2e/Services/Sites/SitesCustomServerTest.php multiple npm install occurrences are replaced with npm ci. Two files under tests/resources have node_modules/ appended to their .gitignore. No other logic or signatures were modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description provided is the standard contribution template with no actual content filled in, making it completely unrelated to the specific changes in the changeset.	Fill in the PR description with details about the changes made: explain why npm ci is preferred over npm install for tests, describe the .gitignore updates, and provide a test plan demonstrating the performance improvement.
Docstring Coverage	⚠️ Warning	Docstring coverage is 9.09% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Chore: Speed-up deployments in tests' directly aligns with the changeset, which replaces npm install with npm ci and adds node_modules/ to .gitignore to optimize test performance.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings (stacked PR)
📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch chore-speedup-tests

📝 Coding Plan

Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

github-actions · 2026-03-13T16:06:46Z

Security Scan Results for PR

Docker Image Scan Results

Package	Version	Vulnerability	Severity
imagemagick	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-c++	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-c++	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-dev	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-dev	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-heic	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-heic	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-jpeg	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick- 10BC0 jxl	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-jxl	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-jxl	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-libs	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-libs	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-tiff	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-tiff	7.1.2.13-r0	CVE-2026-27798	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25897	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25898	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25968	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25971	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25983	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25986	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-25987	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-26284	CRITICAL
imagemagick-webp	7.1.2.13-r0	CVE-2026-24481	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-24485	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25794	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25795	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25796	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25798	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25799	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25965	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25966	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25967	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25969	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25970	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25985	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25988	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-25989	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-26066	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-26283	HIGH
imagemagick-webp	7.1.2.13-r0	CVE-2026-27798	HIGH
libecpg	18.1-r0	CVE-2026-2004	HIGH
libecpg	18.1-r0	CVE-2026-2005	HIGH
libecpg	18.1-r0	CVE-2026-2006	HIGH
libecpg	18.1-r0	CVE-2026-2007	HIGH
libecpg-dev	18.1-r0	CVE-2026-2004	HIGH
libecpg-dev	18.1-r0	CVE-2026-2005	HIGH
libecpg-dev	18.1-r0	CVE-2026-2006	HIGH
libecpg-dev	18.1-r0	CVE-2026-2007	HIGH
libheif	1.20.2-r1	CVE-2025-68431	HIGH
libpng	1.6.54-r0	CVE-2026-25646	HIGH
libpng-dev	1.6.54-r0	CVE-2026-25646	HIGH
libpq	18.1-r0	CVE-2026-2004	HIGH
libpq	18.1-r0	CVE-2026-2005	HIGH
libpq	18.1-r0	CVE-2026-2006	HIGH
libpq	18.1-r0	CVE-2026-2007	HIGH
libpq-dev	18.1-r0	CVE-2026-2004	HIGH
libpq-dev	18.1-r0	CVE-2026-2005	HIGH
libpq-dev	18.1-r0	CVE-2026-2006	HIGH
libpq-dev	18.1-r0	CVE-2026-2007	HIGH
postgresql18-dev	18.1-r0	CVE-2026-2004	HIGH
postgresql18-dev	18.1-r0	CVE-2026-2005	HIGH
postgresql18-dev	18.1-r0	CVE-2026-2006	HIGH
postgresql18-dev	18.1-r0	CVE-2026-2007	HIGH
zlib	1.3.1-r2	CVE-2026-22184	CRITICAL
zlib-dev	1.3.1-r2	CVE-2026-22184	CRITICAL

Source Code Scan Results

🎉 No vulnerabilities found!

greptile-apps · 2026-03-13T16:09:34Z

Greptile Summary

This PR replaces npm install with npm ci in e2e test deployment commands, aiming to speed up CI builds by leveraging the deterministic, lock-file-only install path of npm ci. While the intent is sound and the change is correct for fixtures that already ship a package-lock.json (e.g. astro, astro-custom-start-command, dynamic-api-key), several tests will break because the astro-static fixture has no package-lock.json.

Key findings:

Breaking: tests/resources/sites/astro-static/ has only package.json — no package-lock.json. npm ci will exit fatally before the build phase for every test that uses this fixture with the new installCommand.
Affected tests: at least the testAdapterDetectionAstroStatic-style test (line 448), the multi-adapter test (line 572), and the intentional-failure test (line 2968) whose assertion on 'Adapter mismatch' in build logs (line 2996) will never be satisfied.
Unaffected: FunctionsCustomServerTest.php and all SitesCustomServerTest.php tests that deploy astro or astro-custom-start-command, as those fixtures already include a package-lock.json.

Confidence Score: 2/5

Not safe to merge — several tests will fail because the astro-static fixture lacks a package-lock.json required by npm ci.
The change correctly uses npm ci for fixtures that have a lock file, but inadvertently breaks tests using the astro-static fixture which has no package-lock.json. npm ci will abort immediately in those cases, causing test failures and invalidating an assertion on expected build-log content.
tests/e2e/Services/Sites/SitesCustomServerTest.php at lines 448, 572, and 2968 (all deploying astro-static), and the tests/resources/sites/astro-static/ fixture directory (missing package-lock.json).

Important Files Changed

Filename	Overview
tests/e2e/Services/Functions/FunctionsCustomServerTest.php	Single change replacing `npm install` with `npm ci` in the `testScopes` function; the `dynamic-api-key` fixture ships a `package-lock.json`, so `npm ci` is safe here.
tests/e2e/Services/Sites/SitesCustomServerTest.php	Ten occurrences of `npm install` → `npm ci` across various site tests. Tests that deploy the `astro-static` fixture (lines 448/461, 572/585, 2968/2980) will break because `astro-static` has no `package-lock.json`, causing `npm ci` to exit with a fatal error. The `testBuildLogsAdapterMismatch`-style test also asserts `'Adapter mismatch'` in build logs (line 2996), which will never appear when install fails early.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Test sets installCommand to npm ci] --> B{Fixture has package-lock.json?}
    B -- Yes --> C[npm ci succeeds]
    C --> D[Build phase runs]
    D --> E[Deployment succeeds]
    B -- No --> F[npm ci exits with fatal error]
    F --> G[Build phase never reached]
    G --> H[Deployment fails]
    H --> I{Test expects success?}
    I -- Yes --> J[Test FAILS - astro-static at lines 448 and 572]
    I -- No --> K{Test checks for specific log messages?}
    K -- Yes --> L[Adapter mismatch assertion fails - line 2996]
    K -- No --> M[Test still passes - only checks failed status]

Comments Outside Diff (1)

tests/e2e/Services/Sites/SitesCustomServerTest.php, line 448-461 (link)

npm ci will fail — astro-static has no package-lock.json

npm ci requires a package-lock.json (or npm-shrinkwrap.json) to be present; it exits immediately with a fatal error if neither is found. The tests/resources/sites/astro-static/ fixture only contains astro.config.mjs, package.json, and a src/ directory — there is no lock file.

This means every test that sets installCommand: 'npm ci' and then deploys the astro-static package will have its deployment fail during the install phase, causing these tests to break.

The same issue affects the following additional locations:
- SitesCustomServerTest.php:572 (second test deploying astro-static)
- SitesCustomServerTest.php:2968 — an intentional-failure test that also asserts 'Adapter mismatch' appears in build logs (line 2996). With npm ci failing before the build phase, 'Adapter mismatch' will never be logged and that assertion will fail.
Fix options:
1. Generate and commit a package-lock.json for the astro-static fixture (run npm install once locally, commit the resulting package-lock.json).
2. Keep npm install only for fixtures that lack a lock file.

_{Last reviewed commit: f890762}

coderabbitai

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@tests/e2e/Services/Sites/SitesCustomServerTest.php`:
- Line 345: The test sets 'installCommand' => 'npm ci' in
SitesCustomServerTest.php for the astro-static fixture but the fixture at
tests/resources/sites/astro-static/ is missing package-lock.json so npm ci will
fail; fix by either adding a committed package-lock.json into the astro-static
fixture (preferred) or change the test's 'installCommand' to 'npm install' (in
SitesCustomServerTest.php where 'installCommand' is defined) so the install does
not require a lockfile.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 858e60c1-7590-48c1-b2ca-aa3195bec9a2

📥 Commits

Reviewing files that changed from the base of the PR and between 4309bd0 and 3e42b15.

📒 Files selected for processing (2)

tests/e2e/Services/Functions/FunctionsCustomServerTest.php
tests/e2e/Services/Sites/SitesCustomServerTest.php

tests/e2e/Services/Sites/SitesCustomServerTest.php

github-actions · 2026-03-13T16:17:57Z

🔄 PHP-Retry Summary

Flaky tests detected across commits:

Commit 7e6db9a - 1 flaky test

Test	Retries	Total Time	Details
`UsageTest::testDatabaseStatsCollectionsAPI`	1	10.30s	Logs

Commit f9ecd28 - 2 flaky tests

Test	Retries	Total Time	Details
`UsageTest::testDatabaseStatsCollectionsAPI`	1	10.25s	Logs
`RealtimeCustomClientTest::testChannelTablesDBRowUpdate`	1	672ms	Logs

github-actions · 2026-03-13T16:23:23Z

✨ Benchmark results

Requests per second: 1,632
Requests with 200 status code: 293,875
P99 latency: 0.103466472

⚡ Benchmark Comparison

Metric	This PR	Latest version
RPS	1,632	1,174
200	293,875	211,451
P99	0.103466472	0.194309112

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

coderabbitai bot reviewed Mar 13, 2026

View reviewed changes

tests/e2e/Services/Sites/SitesCustomServerTest.php Show resolved Hide resolved

Meldiron added 3 commits March 15, 2026 16:39

Speed-up deployments in tests

975a38b

linter fix

c618372

Fix tests missing lock files

7e6db9a

loks0n force-pushed the chore-speedup-tests branch from b028b31 to 7e6db9a Compare March 15, 2026 16:39

Revert composer.lock to 1.8.x

f9ecd28

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

loks0n merged commit aefa51f into 1.8.x Mar 15, 2026
35 of 38 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Chore: Speed-up deployments in tests#11539

Chore: Speed-up deployments in tests#11539
loks0n merged 4 commits into1.8.xfrom
chore-speedup-tests

Uh oh!

Walkthrough

Estimated code review effort

❌ Failed checks (2 warnings)

Uh oh!

Uh oh!

Comments Outside Diff (1)

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

What does this PR do?

Test Plan

Related PRs and Issues

Checklist

Uh oh!

Uh oh!

Walkthrough

Estimated code review effort

❌ Failed checks (2 warnings)

Uh oh!

Uh oh!

Security Scan Results for PR

Docker Image Scan Results

Source Code Scan Results

Uh oh!

Uh oh!

Greptile Summary

Confidence Score: 2/5

Important Files Changed

Flowchart

Comments Outside Diff (1)

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

🔄 PHP-Retry Summary

Uh oh!

Uh oh!

✨ Benchmark results

⚡ Benchmark Comparison

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants