Release: 2.27.3#222
Conversation
|
CodeAnt AI is reviewing your PR. |
Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
Warning Review limit reached
More reviews will be available in 16 minutes and 31 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (3)
📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
PR Summary by QodoRelease 2.27.3: bump versions and publish release notes Description
Diagram
High-Level Assessment
Files changed (3)
|
codeant-ai
Bot
added
the
size:S
|
PR Summary: Release 2.27.3 — bug fixes, Android API visibility lockdown, and version bumps.
|
Code Review by Qodo
1. Legacy Gradle version mismatch
|
![qodo-code-review[bot]](https://avatars.githubusercontent.com/in/484649?s=60&v=4){kind=small}
| @@ -1,4 +1,4 @@ | |||
| val usercentricsVersion = "2.27.1" | |||
| val usercentricsVersion = "2.27.3" | |||
There was a problem hiding this comment.
1. Legacy gradle version mismatch 🐞 Bug ≡ Correctness
The PR bumps android/build.gradle.kts to use Usercentrics SDK 2.27.3, but android/build-legacy.gradle (shipped as part of the npm package via the android/ folder) still pins usercentrics-ui to 2.27.1, so any consumer using the legacy Gradle script will silently stay on the old native SDK version.
Agent Prompt
## Issue description
`android/build-legacy.gradle` still pins `def usercentrics_version = "2.27.1"` while the main Android build script has been bumped to `2.27.3`. Because the npm package ships the entire `android/` directory, legacy consumers can end up compiling against the wrong native SDK version.
## Issue Context
The release bump updates:
- `android/build.gradle.kts` -> `2.27.3`
- `package.json` -> `2.27.3`
But the legacy Android build file remains on `2.27.1`.
## Fix Focus Areas
- android/build-legacy.gradle[1-2]
- package.json[12-16]
- android/build.gradle.kts[1-1]
## Expected change
Update `def usercentrics_version` to `"2.27.3"` (or refactor to a single shared source of truth to prevent future divergence).
ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
|
CodeAnt AI finished reviewing your PR. |
![pantoaibot[bot]](https://avatars.githubusercontent.com/in/934356?s=60&v=4){kind=small}
| "version": "2.27.3", | ||
| "description": "Usercentrics SDK", | ||
| "homepage": "https://usercentrics.com", | ||
| "main": "lib/index.js", | ||
| "types": "lib/index.d.ts", | ||
| "author": "Usercentrics <developer@usercentrics.com>", | ||
| "iosPackageName": "react-native-usercentrics", | ||
| "iosPackageVersion": "2.27.1", | ||
| "iosPackageVersion": "2.27.3", |
There was a problem hiding this comment.
[VALIDATION] You updated package version and iosPackageVersion to 2.27.3. Before publishing, verify that the corresponding native artifacts are published and available: the Android/Maven artifact (com.usercentrics.sdk:usercentrics-ui:2.27.3) and the CocoaPods artifact referenced by UsercentricsUI '2.27.3'. If those native packages are not yet published, consumers installing this JS package will fail during pod install / Gradle resolution. Also ensure release tags and CI pipeline (artifact publishing) are executed in the correct order so that native artifacts exist prior to npm publish.
| @@ -1,4 +1,4 @@ | |||
| val usercentricsVersion = "2.27.1" | |||
| val usercentricsVersion = "2.27.3" | |||
There was a problem hiding this comment.
[REFACTORING] You hard-bumped val usercentricsVersion = "2.27.3". To avoid manual drift between package.json, podspec and Gradle, consider centralizing version management (e.g. read version from root package.json or a single gradle.properties entry or project property). This reduces the chance of out-of-sync releases and missed version updates across platforms.
// android/build.gradle.kts
// TODO: Consider centralizing the SDK version to avoid drift with package.json and podspec.
// For example, you could expose it via gradle.properties or a shared version catalog.
val usercentricsVersion = project.findProperty("usercentricsVersion") as String? ?: "2.27.3"
val reactNativeVersion = "+"
| * **[Android/iOS]** Fixed ACM (Additional Consent Mode) initialization silently continuing when selected ATP providers are no longer listed in Google's ATP CDN — the SDK now surfaces the failure correctly instead of proceeding with an empty provider list | ||
| * **[iOS]** Fixed stray `PrivacyInfo.xcprivacy` file at SPM zip root causing `pod install` integration warnings | ||
| ## Chores | ||
| * **[Android]** Reduced public API surface: `UCButtonSettings`, `UCButtonType`, `UCToggle`, `PredefinedUIAlertDialogFactory`, `UCSecondLayerViewModel`, and related UI internals are now `internal` or annotated with `@InternalUsercentricsApi` — these were never part of the documented public API |
There was a problem hiding this comment.
[VALIDATION] The changelog entry states a reduction of the public API surface (making types internal/annotated @InternalUsercentricsApi). This can be a breaking change for some consumers. Please confirm and explicitly document compatibility impact and migration guidance: whether this is a breaking change (semver implications), which classes/members are removed or no longer accessible, suggested alternatives, and whether a major/minor version bump is required in downstream SDKs. Add an explicit 'Breaking changes' note if applicable.
### 2.27.3 – Jun 25, 2026
## Breaking changes
* **[Android]** Reduced public API surface. The following types, which were never part of the documented public API, are now `internal` or annotated with `@InternalUsercentricsApi` and are no longer intended for direct use:
* `UCButtonSettings`
* `UCButtonType`
* `UCToggle`
* `PredefinedUIAlertDialogFactory`
* `UCSecondLayerViewModel`
* Related UI internals in the `usercentrics-ui` artifact
These changes may affect projects that relied on these internal types (for example, custom UIs built directly against `usercentrics-ui`). To migrate:
* Prefer integrating via the documented public APIs of the native Usercentrics SDK and the React Native bridge (`@usercentrics/react-native-sdk`).
* If you previously referenced these internals for custom UI, update your implementation to use the officially supported customization hooks and configuration objects exposed in the public API. If no suitable alternative is available, please contact Usercentrics support with details of your use case.
## Fixes
* **[Android/iOS]** Fixed ACM (Additional Consent Mode) initialization silently continuing when selected ATP providers are no longer listed in Google's ATP CDN — the SDK now surfaces the failure correctly instead of proceeding with an empty provider list
* **[iOS]** Fixed stray `PrivacyInfo.xcprivacy` file at SPM zip root causing `pod install` integration warnings
## Chores
* **[Android]** Reduced public API surface: `UCButtonSettings`, `UCButtonType`, `UCToggle`, `PredefinedUIAlertDialogFactory`, `UCSecondLayerViewModel`, and related UI internals are now `internal` or annotated with `@InternalUsercentricsApi` — these were never part of the documented public API
* **[Android]** Audited and tightened consumer ProGuard rules
|
Reviewed up to commit:5eb945d62e1594982c51a76b76951782a8a736f1 |
2 participants
CodeAnt-AI Description
Release 2.27.3
What Changed
Impact
✅ Clearer release tracking✅ Easier upgrade verification✅ Updated 2.27.3 package version💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.