deps: bump dikw-core from 0.6.0 to 0.6.5#29
Conversation
Bumps [dikw-core](https://github.com/OpenDIKW/dikw-core) from 0.6.0 to 0.6.5. - [Release notes](https://github.com/OpenDIKW/dikw-core/releases) - [Changelog](https://github.com/OpenDIKW/dikw-core/blob/main/CHANGELOG.md) - [Commits](OpenDIKW/dikw-core@v0.6.0...v0.6.5) --- updated-dependencies: - dependency-name: dikw-core dependency-version: 0.6.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
helebest
left a comment
There was a problem hiding this comment.
Code Review — dikw-core 0.6.0 → 0.6.5
Consistency: PR title matches the diff. All three plugin packages (dikw-converter-epub, dikw-converter-example, dikw-converter-mineru) have their minimum constraint updated from >=0.6.0 to >=0.6.5, and the lock file reflects the new wheel/sdist hashes. ✅
Correctness: Changes are limited to pyproject.toml dependency specifiers and the corresponding lock file entries. The lock file wheel URL, sdist URL, and hashes are consistent with the stated 0.6.5 release. ✅
Conventions: Standard workspace dependency-bump pattern. ✅
Security: dikw-core 0.6.1–0.6.5 changes are additive: eval OOD calibration fields, Gitee embed/rerank scaffold defaults, eval cache key correctness fix. All changes land in server/engine territory (dikw_core.server.*, dikw_core.domains.*). Per the repo's layering invariants, plugins may not import from those modules — they depend only on the Converter Protocol and Path. The public plugin API surface is unchanged across this version range. No CVEs or security advisories noted. ✅
Effectiveness: Bumping the minimum constraint ensures plugins receive the bug fix in 0.6.5 (eval cache key, not a plugin concern but correct version hygiene). ✅
Test coverage: No plugin source code changed; no new tests required. ✅
Approving. Will merge once CI is green.
Generated by Claude Code
Code Review — automatedSummary:
Verdict: LGTM. Proceeding to CI verification. Generated by Claude Code |
CI Verification — All checks green ✅All 4 required checks passed:
No regressions. Proceeding to squash merge. Generated by Claude Code |
Verification & CI Results — automatedLocal test suite: All 134 tests pass ( CI checks: All 4 checks completed green.
All steps passed — proceeding with squash merge. Generated by Claude Code |
Bumps dikw-core from 0.6.0 to 0.6.5.
Release notes
Sourced from dikw-core's releases.
... (truncated)
Changelog
Sourced from dikw-core's changelog.
... (truncated)
Commits
f8c1045chore(release): prepare 0.6.5 (#254)c15b4eefeat(eval): surface absolute relevance scores in eval rows for OOD calibratio...c4e6bb4fix(eval): key cjk_tokenizer + read query-time retrieval config live (#250) (...91b530afeat: unify rerank/embed degrade-logging; default scaffold to Gitee embed+rer...c9762e4chore(docker): bump DIKW_VERSION to v0.6.4 (#248)8b4279achore(release): prepare 0.6.4 (#247)8d61455refactor(prompts): extract knowledge system prompts to .md, unify product nam...e3032e4chore(docker): bump DIKW_VERSION to v0.6.3 (#245)aab4ebdchore(release): prepare 0.6.3 (#244)247eb63feat(delivery): add tools/loop_metrics.py — delivery-loop effectiveness metri...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)