Merge main to epic/1.0 by bartek-gralewicz · Pull Request #369 · a2aproject/a2a-js

bartek-gralewicz · 2026-03-20T14:17:45Z

Description

Merging recent changes from main into an epic/1.0 branch to avoid difficult conflicts in the future.

…ples (#341) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.3.6 to 5.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/releases">fast-xml-parser's releases</a>.</em></p> <blockquote> <h2>Separate Builder</h2> <p>XML Builder was the part of <a href="https://github.com/NaturalIntelligence/fast-xml-builder">fast-xml-parser</a> for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.</p> <h2>Migration</h2> <p>To migrate to fast-xml-builder;</p> <p>From</p> <pre lang="js"><code>import { XMLBuilder } from "fast-xml-parser"; </code></pre> <p>To</p> <pre lang="js"><code>import XMLBuilder from "fast-xml-builder"; </code></pre> <p>XMLBuilder will be removed from current package in any next major version of this library. So better to migrate.</p> <h2>support strictReservedNames</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9</a></p> <h2>handle non-array input for XML builder && support maxNestedTags</h2> <ul> <li>support maxNestedTags</li> <li>handle non-array input for XML builder when preserveOrder is true (By <a href="https://github.com/Angelopvtac">Angelo Coetzee</a>)</li> <li>save use of js properies <strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8</a></li> </ul> <h2>CJS typing fix</h2> <h2>What's Changed</h2> <ul> <li>Unexport <code>X2jOptions</code> at declaration site by <a href="https://github.com/Drarig29"><code>@Drarig29</code></a> in <a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787">NaturalIntelligence/fast-xml-parser#787</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Drarig29"><code>@Drarig29</code></a> made their first contribution in <a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787">NaturalIntelligence/fast-xml-parser#787</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.6...v5.3.7">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.6...v5.3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md">fast-xml-parser's changelog</a>.</em></p> <blockquote> <p>Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.</p> <p>Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion</p> <p><strong>5.4.1 / 2026-02-25</strong></p> <ul> <li>fix (<a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785">#785</a>) unpairedTag node should not have tag content</li> </ul> <p><strong>5.4.0 / 2026-02-25</strong></p> <ul> <li>migrate to fast-xml-builder</li> </ul> <p><strong>5.3.9 / 2026-02-25</strong></p> <ul> <li>support strictReservedNames</li> </ul> <p><strong>5.3.8 / 2026-02-25</strong></p> <ul> <li>support maxNestedTags</li> <li>handle non-array input for XML builder when preserveOrder is true (By <a href="https://github.com/Angelopvtac">Angelo Coetzee</a>)</li> <li>save use of js properies</li> </ul> <p><strong>5.3.7 / 2026-02-20</strong></p> <ul> <li>fix typings for CJS (By <a href="https://github.com/Drarig29">Corentin Girard</a>)</li> </ul> <p><strong>5.3.6 / 2026-02-14</strong></p> <ul> <li>Improve security and performance of entity processing <ul> <li>new options <code>maxEntitySize</code>, <code>maxExpansionDepth</code>, <code>maxTotalExpansions</code>, <code>maxExpandedLength</code>, <code>allowedTags</code>,<code>tagFilter</code></li> <li>fast return when no edtity is present</li> <li>improvement replacement logic to reduce number of calls</li> </ul> </li> </ul> <p><strong>5.3.5 / 2026-02-08</strong></p> <ul> <li>fix: Escape regex char in entity name</li> <li>update strnum to 2.1.2</li> <li>add missing exports in CJS typings</li> </ul> <p><strong>5.3.4 / 2026-01-30</strong></p> <ul> <li>fix: handle HTML numeric and hex entities when out of range</li> </ul> <p><strong>5.3.3 / 2025-12-12</strong></p> <ul> <li>fix <a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/775">#775</a>: transformTagName with allowBooleanAttributes adds an unnecessary attribute</li> </ul> <p><strong>5.3.2 / 2025-11-14</strong></p> <ul> <li>fix for import statement for v6</li> </ul> <p><strong>5.3.1 / 2025-11-03</strong></p> <ul> <li>Performance improvement for stopNodes (By <a href="https://github.com/macieklamberski">Maciek Lamberski</a>)</li> </ul> <p><strong>5.3.0 / 2025-10-03</strong></p>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e7ca80e788a23b07531ac2ff8906e5e9f4bf892"><code>4e7ca80</code></a> update release info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/36023b496382717c82bd68863b3f95629d0c9311"><code>36023b4</code></a> fix (<a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785">#785</a>) unpairedTag node should not have tag content</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/b3660266f53e383193ae152cde878d9b2db7240f"><code>b366026</code></a> separate builder</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/6f333a85693e20713fea2d733795fef7e11ac51c"><code>6f333a8</code></a> update release info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/c3ffbab9e5a2bab9db65803933d0af656076fc33"><code>c3ffbab</code></a> support strictReservedNames</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/c692040f6b5f5045d38b66b1da04e4d3abc97052"><code>c692040</code></a> update release info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/107e34c046d4997ee3b67a32d32eef52fe63edb2"><code>107e34c</code></a> avoid <code>{}</code> to create an empty object</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/60835a4c7279ddc349d192097fb41afa52930d8b"><code>60835a4</code></a> support maxNestedTags</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/f55657c2b1cf29b433124390c32acba45a5a67aa"><code>f55657c</code></a> avoid direct call to hasOwnProperty</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"><code>c13a961</code></a> handle non-array input for XML builder when preserveOrder is true</li> <li>Additional commits viewable in <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.6...v5.4.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fast-xml-parser&package-manager=npm_and_yarn&previous-version=5.3.6&new-version=5.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [minimatch](https://github.com/isaacs/minimatch) from 9.0.5 to 9.0.8. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/isaacs/minimatch/commit/446cfa3e2aa3ef45bd4a27fa4418221e158489f6"><code>446cfa3</code></a> 9.0.8</li> <li><a href="https://github.com/isaacs/minimatch/commit/8fa151ab95fd4e2acd6e1a81f10d02dc7c1098d3"><code>8fa151a</code></a> docs: add warning about ReDoS</li> <li><a href="https://github.com/isaacs/minimatch/commit/71b78a2a4cad3a40af08a39c065e71bbf69ea7f7"><code>71b78a2</code></a> fix partial matching of globstar patterns</li> <li><a href="https://github.com/isaacs/minimatch/commit/2de496f6d9362dd92460f35ffa6ff8de2907244b"><code>2de496f</code></a> 9.0.7</li> <li><a href="https://github.com/isaacs/minimatch/commit/0d4616de9193bf1d359271662e92657bb51b2f75"><code>0d4616d</code></a> limit nested extglob recursion, flatten extglobs</li> <li><a href="https://github.com/isaacs/minimatch/commit/7117ef381e74deace1c62a74d2298c8fe61d10ca"><code>7117ef3</code></a> 9.0.6</li> <li><a href="https://github.com/isaacs/minimatch/commit/2418458b7fe82e0a1fd1a1b6f618c41c90b9848a"><code>2418458</code></a> update deps, do not checkin dist</li> <li><a href="https://github.com/isaacs/minimatch/commit/1d1f531009d5e4a86083de37e5ef3f301e073986"><code>1d1f531</code></a> update deps</li> <li><a href="https://github.com/isaacs/minimatch/commit/03b1778ab34a0ead5729800307143669ef328096"><code>03b1778</code></a> update CI matrix and actions</li> <li><a href="https://github.com/isaacs/minimatch/commit/f1aaffe08fe6651f340fb5bd0191cb5c8800a3c7"><code>f1aaffe</code></a> update test expectations for coalesced consecutive stars</li> <li>Additional commits viewable in <a href="https://github.com/isaacs/minimatch/compare/v9.0.5...v9.0.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=minimatch&package-manager=npm_and_yarn&previous-version=9.0.5&new-version=9.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ivan Shymko <ishymko@google.com>

Now one can do `--transport=` to specify `JSONRPC`, `HTTP+JSON` or `GRPC` (constants as in the A2A spec).

## Description Fixes an issue where the SDK fails to resolve Agent Cards served in Protobuf JSON format. In the v0.3.0 specification, there was a structural drift between the JSON Schema data model and the Protobuf data model: - **JSON Schema:** Uses a `"type"` discriminator (e.g., `{"type": "openIdConnect"}`). [Source](https://github.com/a2aproject/A2A/blob/8d57eba286de756176892518a8fc39b0ac2ccefb/specification/json/a2a.json#L1757-L1782) - **Protobuf:** Uses the `oneof` field name as the discriminator (e.g., `{"oauth2SecurityScheme": {...}}`). [Source](https://github.com/a2aproject/A2A/blob/8d57eba286de756176892518a8fc39b0ac2ccefb/specification/grpc/a2a.proto#L502-L510)

🤖 I have created a release *beep* *boop* --- ## [0.3.11](v0.3.10...v0.3.11) (2026-03-10) ### Bug Fixes * support proto-based AgentCard in AgentCardResolver ([#344](#344)) ([e71221c](e71221c)) * throw on JSON-RPC response id mismatch ([#318](#318)) ([5ea1c94](5ea1c94)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

It had nothing to do with 0.3 and 1.0. Re #344

…ransport (#346) # Description This PR solves a bug that was mentioned here: #336. The issue occurred due to missing mapping of `pushNotificationConfig` in the mapping method. Since mapping is no longer needed, all logic related to field mapping was removed in this PR. Changes: - Extension to an existing unit test to check for `pushNotificationConfig` presence. This test failed as expected before removing the normalization, hence, catching the bug for the future. - Remove rest types and related unions. - Removed snake_case cases from unit testes. - Removed normalization functions but remained field checks to align with currently existing unit tests. Fixes #336 --------- Co-authored-by: Bartek Gralewicz <bgralewicz@google.com>

🤖 I have created a release *beep* *boop* --- ## [0.3.12](v0.3.11...v0.3.12) (2026-03-10) ### Bug Fixes * Fixing missing push configuration after normalization for rest transport ([#346](#346)) ([54ac8c4](54ac8c4)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

Bumps [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) from 3.30.0 to 3.33.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/steveukx/git-js/releases">simple-git's releases</a>.</em></p> <blockquote> <h2>simple-git@3.33.0</h2> <h3>Minor Changes</h3> <ul> <li>a263635: Use <code>pathspec</code> wrappers for remote and local paths when running either <code>git.clone</code> or <code>git.mirror</code> to avoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>e253a0d: Enhanced <code>git -c</code> checks in <code>unsafe</code> plugin.</p> <p>Thanks to <a href="https://github.com/JohannesLks"><code>@JohannesLks</code></a> for identifying the issue</p> </li> </ul> <h2>simple-git@3.32.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>f704208: Enhanced <code>protocol.allow</code> checks in <code>allowUnsafeExtProtocol</code> handling.</p> <p>Thanks to <a href="https://github.com/CodeAnt-AI-Security"><code>@CodeAnt-AI-Security</code></a> for identifying the issue</p> </li> </ul> <h2>simple-git@3.32.2</h2> <h3>Patch Changes</h3> <ul> <li>8d02097: Enhanced clone unsafe switch detection.</li> </ul> <h2>simple-git@3.32.1</h2> <h3>Patch Changes</h3> <ul> <li> <p>23b070f: Fix regex for detecting unsafe clone options</p> <p>Thanks to <a href="https://github.com/stevenwdv"><code>@stevenwdv</code></a> for reporting this issue.</p> </li> </ul> <h2>simple-git@3.32.0</h2> <h3>Minor Changes</h3> <ul> <li> <p>1effd8e: Enhances the <code>unsafe</code> plugin to block additional cases where the <code>-u</code> switch may be disguised along with other single character options.</p> <p>Thanks to <a href="https://github.com/JuHwiSang"><code>@JuHwiSang</code></a> for identifying this as vulnerability.</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li>d5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.</li> </ul> <h2>simple-git@3.31.1</h2> <h3>Patch Changes</h3> <ul> <li>a44184f: Resolve NPM publish steps</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md">simple-git's changelog</a>.</em></p> <blockquote> <h2>3.33.0</h2> <h3>Minor Changes</h3> <ul> <li>a263635: Use <code>pathspec</code> wrappers for remote and local paths when running either <code>git.clone</code> or <code>git.mirror</code> to avoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>e253a0d: Enhanced <code>git -c</code> checks in <code>unsafe</code> plugin.</p> <p>Thanks to <a href="https://github.com/JohannesLks"><code>@JohannesLks</code></a> for identifying the issue</p> </li> </ul> <h2>3.32.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>f704208: Enhanced <code>protocol.allow</code> checks in <code>allowUnsafeExtProtocol</code> handling.</p> <p>Thanks to <a href="https://github.com/CodeAnt-AI-Security"><code>@CodeAnt-AI-Security</code></a> for identifying the issue</p> </li> </ul> <h2>3.32.2</h2> <h3>Patch Changes</h3> <ul> <li>8d02097: Enhanced clone unsafe switch detection.</li> </ul> <h2>3.32.1</h2> <h3>Patch Changes</h3> <ul> <li> <p>23b070f: Fix regex for detecting unsafe clone options</p> <p>Thanks to <a href="https://github.com/stevenwdv"><code>@stevenwdv</code></a> for reporting this issue.</p> </li> </ul> <h2>3.32.0</h2> <h3>Minor Changes</h3> <ul> <li> <p>1effd8e: Enhances the <code>unsafe</code> plugin to block additional cases where the <code>-u</code> switch may be disguised along with other single character options.</p> <p>Thanks to <a href="https://github.com/JuHwiSang"><code>@JuHwiSang</code></a> for identifying this as vulnerability.</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li>d5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.</li> </ul> <h2>3.31.1</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/steveukx/git-js/commit/8bbbabc827fc05824e0e4bd51746e9ca0109b353"><code>8bbbabc</code></a> Version Packages</li> <li><a href="https://github.com/steveukx/git-js/commit/a263635ca4729c276eba869ae8c97cbb00fc4eb9"><code>a263635</code></a> Clone API use pathspec (<a href="https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1132">#1132</a>)</li> <li><a href="https://github.com/steveukx/git-js/commit/e253a0d1bf9d013228f856209b3b8a7c5980a54b"><code>e253a0d</code></a> Fix/block unsafe 2603 (<a href="https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1135">#1135</a>)</li> <li><a href="https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364"><code>a1170e5</code></a> Version Packages</li> <li><a href="https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257"><code>f704208</code></a> In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...</li> <li><a href="https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6"><code>4bb2081</code></a> Version Packages</li> <li><a href="https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095"><code>7ae7537</code></a> Match tokens to word boundary</li> <li><a href="https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f"><code>c47ad10</code></a> Lint</li> <li><a href="https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d"><code>8d02097</code></a> Enhanced clone switch detection</li> <li><a href="https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113"><code>f6909a5</code></a> Remove test timeout override</li> <li>Additional commits viewable in <a href="https://github.com/steveukx/git-js/commits/simple-git@3.33.0/simple-git">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for simple-git since your current version.</p> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=simple-git&package-manager=npm_and_yarn&previous-version=3.30.0&new-version=3.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…352) Apparently the code removed in #346 wasn't "dead", this method wasn't properly migrated in #292. Tests are updated to cover this. Fixes #336

🤖 I have created a release *beep* *boop* --- ## [0.3.13](v0.3.12...v0.3.13) (2026-03-16) ### Bug Fixes * properly parse ProtoJSON body for POST pushNotificationConfigs ([#352](#352)) ([57696a8](57696a8)), closes [#336](#336) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

…ples (#357) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.4.1 to 5.5.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/releases">fast-xml-parser's releases</a>.</em></p> <blockquote> <h2>fix entity expansion and incorrect replacement and performance</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6</a></p> <h2>support onDangerousProperty</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5</a></p> <h2>update dependecies to fix typings</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2</a></p> <h2>integrate path-expression-matcher</h2> <ul> <li>support path-expression-matcher</li> <li>fix: stopNode should not be parsed</li> <li>performance improvement for stopNode checking</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md">fast-xml-parser's changelog</a>.</em></p> <blockquote> <p>Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.</p> <p>Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion</p> <p><strong>5.5.6 / 2026-03-16</strong></p> <ul> <li>update builder dependency</li> <li>fix incorrect regex to replace . in entity name</li> <li>fix check for entitiy expansion for lastEntities and html entities too</li> </ul> <p><strong>5.5.5 / 2026-03-13</strong></p> <ul> <li>sanitize dangerous tag or attribute name</li> <li>error on critical property name</li> <li>support onDangerousProperty option</li> </ul> <p><strong>5.5.4 / 2026-03-13</strong></p> <ul> <li>declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher</li> </ul> <p><strong>5.5.3 / 2026-03-11</strong></p> <ul> <li>upgrade builder</li> </ul> <p><strong>5.5.2 / 2026-03-11</strong></p> <ul> <li>update dependency to fix typings</li> </ul> <p><strong>5.5.1 / 2026-03-10</strong></p> <ul> <li>fix dependency</li> </ul> <p><strong>5.5.0 / 2026-03-10</strong></p> <ul> <li>support path-expression-matcher</li> <li>fix: stopNode should not be parsed</li> <li>performance improvement for stopNode checking</li> </ul> <p><strong>5.4.2 / 2026-03-03</strong></p> <ul> <li>support maxEntityCount option</li> </ul> <p><strong>5.4.1 / 2026-02-25</strong></p> <ul> <li>fix (<a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785">#785</a>) unpairedTag node should not have tag content</li> </ul> <p><strong>5.4.0 / 2026-02-25</strong></p> <ul> <li>migrate to fast-xml-builder</li> </ul> <p><strong>5.3.9 / 2026-02-25</strong></p> <ul> <li>support strictReservedNames</li> </ul> <p><strong>5.3.8 / 2026-02-25</strong></p> <ul> <li>support maxNestedTags</li> <li>handle non-array input for XML builder when preserveOrder is true (By <a href="https://github.com/Angelopvtac">Angelo Coetzee</a>)</li> <li>save use of js properies</li> </ul> <p><strong>5.3.7 / 2026-02-20</strong></p>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23"><code>870043e</code></a> update release info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/6df401ef2bb1d152313276add24cdfa860819751"><code>6df401e</code></a> update builder dependency</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"><code>bd26122</code></a> check for entitiy expansion for lastEntities and html entities too</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/7e70dd8f758f3f494c4e14a281cea35b7d8d0d13"><code>7e70dd8</code></a> fix incorrect regex to replace . in entity name</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/e54155f53048e9d58e27f170d3ccff15176b6671"><code>e54155f</code></a> update package info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/3308fd7a45d9d74e87c6b6c4ef0574abaa1f8b65"><code>3308fd7</code></a> handle critical properties</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/0500f6b4d66464fa70ecb58907804962c6b847f9"><code>0500f6b</code></a> refactor</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/ea07bb2e8435a88136c0e46d7ee8a345107b7582"><code>ea07bb2</code></a> declare Matcher & Expression as unknown</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/0a4dc92f979b5b03cfac2339ec7d81385edc14a8"><code>0a4dc92</code></a> upgrade builder</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/e0a14f7d15a293732e630ce1b7faa39924de2359"><code>e0a14f7</code></a> update dependency to fix typings</li> <li>Additional commits viewable in <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.4.1...v5.5.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fast-xml-parser&package-manager=npm_and_yarn&previous-version=5.4.1&new-version=5.5.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

# Description Modification to code coverage calculation workflow so that the comparison is made against target branch and not `main`. This is valuable when PR targets some epic branch. Comparing the coverage with `main` branch is not accurate if the epic branch already drifted from `main`. # IMPORTANT NOTE An attempt to test this change was done on a draft PR: #363 but the coverage comment workflow is executed from the `main` branch and not from the branch checkout. This means that in order to properly test this functionality in action, it needs to reach `main` state. In case any issues occur, I will provide an update to this logic or revert back to the original state.

…ples (#365) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.6 to 5.5.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md">fast-xml-parser's changelog</a>.</em></p> <blockquote> <p>Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.</p> <p>Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion</p> <p><strong>5.5.7 / 2026-03-19</strong></p> <ul> <li>fix: entity expansion limits</li> <li>update strnum package to 2.2.0</li> </ul> <p><strong>5.5.6 / 2026-03-16</strong></p> <ul> <li>update builder dependency</li> <li>fix incorrect regex to replace . in entity name</li> <li>fix check for entitiy expansion for lastEntities and html entities too</li> </ul> <p><strong>5.5.5 / 2026-03-13</strong></p> <ul> <li>sanitize dangerous tag or attribute name</li> <li>error on critical property name</li> <li>support onDangerousProperty option</li> </ul> <p><strong>5.5.4 / 2026-03-13</strong></p> <ul> <li>declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher</li> </ul> <p><strong>5.5.3 / 2026-03-11</strong></p> <ul> <li>upgrade builder</li> </ul> <p><strong>5.5.2 / 2026-03-11</strong></p> <ul> <li>update dependency to fix typings</li> </ul> <p><strong>5.5.1 / 2026-03-10</strong></p> <ul> <li>fix dependency</li> </ul> <p><strong>5.5.0 / 2026-03-10</strong></p> <ul> <li>support path-expression-matcher</li> <li>fix: stopNode should not be parsed</li> <li>performance improvement for stopNode checking</li> </ul> <p><strong>5.4.2 / 2026-03-03</strong></p> <ul> <li>support maxEntityCount option</li> </ul> <p><strong>5.4.1 / 2026-02-25</strong></p> <ul> <li>fix (<a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785">#785</a>) unpairedTag node should not have tag content</li> </ul> <p><strong>5.4.0 / 2026-02-25</strong></p> <ul> <li>migrate to fast-xml-builder</li> </ul> <p><strong>5.3.9 / 2026-02-25</strong></p> <ul> <li>support strictReservedNames</li> </ul> <p><strong>5.3.8 / 2026-02-25</strong></p> <ul> <li>support maxNestedTags</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/a21c44123cdf0f8fb5b56d33386ed3be4e180953"><code>a21c441</code></a> update package detail</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/239b64aa1fc5c5455ddebbbb54a187eb68c9fdb7"><code>239b64a</code></a> check for min value for entity exapantion options</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/61cb666d13044b483aa495a6c020789f22e670b4"><code>61cb666</code></a> restrict more properties to be unsafe</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/41abd66adc54cbc6ebea615a9f5396d8582afdb1"><code>41abd66</code></a> performance improvement of reading DOCTYPE</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/3dfcd20c8cffc310335510ff72a211be0672a8dd"><code>3dfcd20</code></a> refactor: performance improvement</li> <li>See full diff in <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.6...v5.5.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fast-xml-parser&package-manager=npm_and_yarn&previous-version=5.5.6&new-version=5.5.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7"><code>3bf0909</code></a> 3.4.2</li> <li><a href="https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"><code>885ddcc</code></a> fix CWE-1321</li> <li><a href="https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3"><code>0bdba70</code></a> added flatted-view to the benchmark</li> <li><a href="https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20"><code>2a02dce</code></a> 3.4.1</li> <li><a href="https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416"><code>fba4e8f</code></a> Merge pull request <a href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a> from WebReflection/python-fix</li> <li><a href="https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7"><code>5fe8648</code></a> added "when in Rome" also a test for PHP</li> <li><a href="https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0"><code>53517ad</code></a> some minor improvement</li> <li><a href="https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f"><code>b3e2a0c</code></a> Fixing recursion issue in Python too</li> <li><a href="https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad"><code>c4b46db</code></a> Add SECURITY.md for security policy and reporting</li> <li><a href="https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988"><code>f86d071</code></a> Create dependabot.yml for version updates</li> <li>Additional commits viewable in <a href="https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flatted&package-manager=npm_and_yarn&previous-version=3.3.3&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

gemini-code-assist · 2026-03-20T14:18:10Z

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request integrates recent changes from the main branch into the epic/1.0 branch, primarily to proactively manage and avoid potential merge conflicts. The updates encompass a broad range of dependency upgrades, a crucial enhancement to AgentCard parsing for improved compatibility with different data models, and a significant refactoring of the REST transport layer for cleaner and more efficient request handling. The CLI tool also received a minor but useful update for transport selection.

Highlights

Dependency Updates: Numerous project dependencies, including @a2a-js/sdk, minimatch, rollup and its various platform-specific packages, flatted, simple-git, fast-xml-parser, strnum, and brace-expansion, have been updated to their latest versions. Additionally, fast-xml-builder and path-expression-matcher were introduced in the sample project's package-lock.json.
AgentCard Normalization: The AgentCardResolver now includes robust logic to automatically detect and normalize AgentCard structures, effectively bridging the gap between JSON Schema and Protobuf JSON representations for security schemes and entries. This ensures consistent internal handling regardless of the incoming format.
REST Transport Handler Refactoring: The REST transport handler has been significantly simplified by removing internal snake_case to camelCase normalization and input validation methods. Instead, it now leverages FromProto conversions for incoming requests and integrates validation directly into its public methods, streamlining the request processing pipeline.
CLI Tool Transport Selection: The command-line interface (CLI) tool has been enhanced to support specifying a preferred transport mechanism via a new --transport= command-line argument, offering greater flexibility in how the client interacts with agents.

Ignored Files

Ignored by pattern: .github/workflows/** (2)
- .github/workflows/coverage-comment.yml
- .github/workflows/unit-tests.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

gemini-code-assist

Code Review

This pull request merges changes from the main branch, including dependency updates, changelog entries, and significant refactorings. The client-side AgentCardResolver has been improved to handle both JSON Schema and Protobuf-based formats for agent cards, increasing interoperability. On the server side, the REST transport handler has been refactored to use Protobuf types for request parsing, which simplifies the codebase by removing manual data normalization. My review includes one suggestion to further improve the robustness of the agent card parsing logic.

gemini-code-assist · 2026-03-20T14:24:24Z

src/client/card-resolver.ts

+      const parsedProto = PBAgentCard.fromJSON(card);
+      return FromProto.agentCard(parsedProto);
+    }
+    return card as AgentCard;


The type assertion card as AgentCard assumes that if the card is not in Protobuf format, it must be in the correct JSON Schema format. This could lead to runtime errors if the received card is malformed but doesn't trigger the isProtoAgentCard heuristic. To improve robustness, consider adding a basic validation check for the non-Protobuf format, for example by checking for the presence of a required field like protocolVersion.

Suggested change

return card as AgentCard;

if (card && typeof card === 'object' && 'protocolVersion' in card) {

return card as AgentCard;

}

throw new Error('Received malformed AgentCard');

dependabot bot and others added 17 commits March 2, 2026 10:11

docs: allow specifying transport preferences in samples CLI (#345)

98293b8

Now one can do `--transport=` to specify `JSONRPC`, `HTTP+JSON` or `GRPC` (constants as in the A2A spec).

test: fix naming in card-resolver.spec.ts (#347)

c03e807

It had nothing to do with 0.3 and 1.0. Re #344

fix: properly parse ProtoJSON body for POST pushNotificationConfigs (#…

57696a8

…352) Apparently the code removed in #346 wasn't "dead", this method wasn't properly migrated in #292. Tests are updated to cover this. Fixes #336

gemini-code-assist bot reviewed Mar 20, 2026

View reviewed changes

bartek-gralewicz closed this Mar 25, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge main to epic/1.0#369

Merge main to epic/1.0#369
bartek-gralewicz wants to merge 17 commits intoepic/1.0_breaking_changesfrom
main

bartek-gralewicz commented Mar 20, 2026

Uh oh!

gemini-code-assist bot commented Mar 20, 2026

Uh oh!

gemini-code-assist bot left a comment

Uh oh!

gemini-code-assist bot Mar 20, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

bartek-gralewicz commented Mar 20, 2026

Description

Uh oh!

gemini-code-assist bot commented Mar 20, 2026

Summary of Changes

Highlights

Footnotes

Uh oh!

gemini-code-assist bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

gemini-code-assist bot Mar 20, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants