Move scala dependencies to separate repos for 2.12 and 2.13

[kumar-zlai]

Summary

Moved scala dependencies to separate scala_2_12 and scala_2_13 repositories so we can load the right repo based on config instead of loading both.

Checklist

• Added Unit Tests
• Covered by existing CI
• Integration tested
• Documentation update

Summary by CodeRabbit

Summary by CodeRabbit

• Chores

  • Upgraded Scala dependencies to newer versions with updated verification, ensuring improved stability.
  • Removed outdated package references to streamline dependency management.
  • Introduced new repository configurations for Scala 2.12 and 2.13 to enhance dependency management.
  • Added .gitignore entry to exclude node_modules in the authoring/vscode path.
  • Created LICENSE file with MIT License text for the new extension.

• New Features

  • Introduced a Visual Studio Code extension with a CodeLens provider for Python files, allowing users to evaluate variables directly in the editor.

• Refactor

  • Updated dependency declarations to utilize a new method for handling Scala artifacts, improving consistency across the project.

[coderabbitai]

Walkthrough

The pull request updates multiple build configuration files for dependency management. In maven_install.json, artifact hashes and Scala library versions are revised, and package imports are adjusted. The _safe_name function is renamed to get_safe_name in artifact.bzl, and the maven_artifact signature is simplified. Scala dependencies are removed from maven_repository.bzl, while prelude_bazel now uses get_safe_name to construct a Bazel-friendly Scala version string. New repository configurations for Scala 2.12 and 2.13 are introduced.

Changes

File(s)	Change Summary
maven_install.json	Updated artifact hashes; Scala library version updated from 2.12.18 to 2.13.14 and Scala reflect version from 2.12.18 to 2.13.10; adjusted package imports.
tools/build_rules/artifact.bzl	Renamed _safe_name to get_safe_name; removed optional version parameter from maven_artifact function; added get_scala_repository_name, scala_artifact, and scala_artifact_with_suffix.
tools/build_rules/dependencies/maven_repository.bzl	Removed Scala artifacts: dependencies for "org.scala-lang:scala-library:" + SCALA_VERSION and `"org.scala-lang:scala-reflect:" + SCALA_VERSION.
tools/build_rules/prelude_bazel	Introduced SCALA_VERSION_FOR_DEPS using get_safe_name(SCALA_VERSION); updated dependency declaration accordingly.
tools/build_rules/dependencies/all_repositories.bzl	Added scala_repository variable for version-based repository management.
tools/build_rules/dependencies/scala_2_12_repository.bzl	Introduced repository configuration for Scala 2.12 dependencies.
tools/build_rules/dependencies/scala_2_13_repository.bzl	Introduced repository configuration for Scala 2.13 dependencies.
aggregator/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
api/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
cloud_aws/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
cloud_gcp/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
flink/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
hub/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
online/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.
orchestration/BUILD.bazel	Updated dependency for Log4j API Scala artifact from maven_scala_artifact to scala_artifact_with_suffix.
service/BUILD.bazel	Updated dependency for JSON4s library from maven_scala_artifact to scala_artifact_with_suffix.
spark/BUILD.bazel	Replaced maven_scala_artifact with scala_artifact_with_suffix for various dependencies.

Sequence Diagram(s)

sequenceDiagram
    participant P as prelude_bazel
    participant A as artifact.bzl
    P->>A: get_safe_name(SCALA_VERSION)
    A-->>P: Returns Bazel-friendly version string
    P->>P: Use SCALA_VERSION_FOR_DEPS in dependency declarations

Loading

Suggested reviewers

• nikhil-zlai
• piyush-zlai
• tchow-zlai

Poem

In the build’s bright night, code takes its flight,
Scala evolves in versioned light.
Functions renamed with precision so neat,
Dependencies realign, a rhythmic beat.
Changes dance like stars in a clear sky—
CodeRabbit magic, soaring high!

Warning

Review ran into problems

🔥 Problems

GitHub Actions and Pipeline Checks: Resource not accessible by integration - https://docs.github.com/rest/actions/workflow-runs#list-workflow-runs-for-a-repository.

Please grant the required permissions to the CodeRabbit GitHub App under the organization or repository settings.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between 13eeaa3 and 2f1c96c.

📒 Files selected for processing (1)

• tools/build_rules/dependencies/scala_2_12_repository.bzl (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• tools/build_rules/dependencies/scala_2_12_repository.bzl

⏰ Context from checks skipped due to timeout of 90000ms (14)

• GitHub Check: non_spark_tests
• GitHub Check: streaming_tests
• GitHub Check: streaming_tests
• GitHub Check: spark_tests
• GitHub Check: spark_tests
• GitHub Check: join_tests
• GitHub Check: groupby_tests
• GitHub Check: join_tests
• GitHub Check: non_spark_tests
• GitHub Check: fetcher_tests
• GitHub Check: groupby_tests
• GitHub Check: analyzer_tests
• GitHub Check: bazel_config_tests
• GitHub Check: enforce_triggered_workflows

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

tools/build_rules/artifact.bzl (1)

52-57: Consider adding error handling for invalid coordinates.

 def scala_artifact(coord):
+    if not coord or ":" not in coord:
+        fail("Invalid artifact coordinate: %s" % coord)
     return _get_artifact(coord, get_scala_repository_name())

tools/build_rules/dependencies/scala_2_12_repository.bzl (1)

1-64: Consider reducing duplication with scala_2_13_repository.bzl.

Extract common configuration into a shared function:

def create_scala_repository(scala_version, repository_name):
    return repository(
        name = repository_name,
        pinned = False,
        maven_install_json = None,
        artifacts = get_scala_artifacts(scala_version),
        excluded_artifacts = get_excluded_artifacts(),
        overrides = {},
    )

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between b15a11d and 012f772.

📒 Files selected for processing (16)

• aggregator/BUILD.bazel (4 hunks)
• api/BUILD.bazel (4 hunks)
• cloud_aws/BUILD.bazel (2 hunks)
• cloud_gcp/BUILD.bazel (5 hunks)
• flink/BUILD.bazel (3 hunks)
• hub/BUILD.bazel (2 hunks)
• online/BUILD.bazel (2 hunks)
• orchestration/BUILD.bazel (2 hunks)
• service/BUILD.bazel (1 hunks)
• spark/BUILD.bazel (3 hunks)
• tools/build_rules/artifact.bzl (3 hunks)
• tools/build_rules/dependencies/all_repositories.bzl (1 hunks)
• tools/build_rules/dependencies/maven_repository.bzl (2 hunks)
• tools/build_rules/dependencies/scala_2_12_repository.bzl (1 hunks)
• tools/build_rules/dependencies/scala_2_13_repository.bzl (1 hunks)
• tools/build_rules/prelude_bazel (4 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (15)

• GitHub Check: streaming_tests
• GitHub Check: streaming_tests
• GitHub Check: spark_tests
• GitHub Check: join_tests
• GitHub Check: groupby_tests
• GitHub Check: join_tests
• GitHub Check: analyzer_tests
• GitHub Check: groupby_tests
• GitHub Check: fetcher_tests
• GitHub Check: spark_tests
• GitHub Check: non_spark_tests
• GitHub Check: fetcher_tests
• GitHub Check: analyzer_tests
• GitHub Check: non_spark_tests
• GitHub Check: enforce_triggered_workflows

🔇 Additional comments (21)

tools/build_rules/dependencies/all_repositories.bzl (2)

3-3: LGTM! Clean implementation of Scala version management.

The load statements are properly organized and follow Bazel best practices.

Also applies to: 8-9

---

11-11: LGTM! Elegant version-based repository selection.

The conditional assignment ensures the correct Scala version is used.

Also applies to: 17-17

orchestration/BUILD.bazel (1)

13-13: LGTM! Consistent dependency updates.

Dependencies correctly updated to use scala_artifact_with_suffix.

Also applies to: 26-26

service/BUILD.bazel (1)

17-17: LGTM! Consistent JSON4s dependency update.

Dependency correctly updated to use scala_artifact_with_suffix.

cloud_aws/BUILD.bazel (1)

17-17: LGTM! Comprehensive dependency updates.

All Scala dependencies correctly updated to use scala_artifact_with_suffix.

Also applies to: 35-35, 37-37

tools/build_rules/artifact.bzl (2)

9-11: Good rename from _safe_name to get_safe_name.

Function name now better reflects its public nature.

---

41-46: LGTM: Clean implementation of repository name selection.

Simple and effective version-based repository selection.

aggregator/BUILD.bazel (1)

20-21: LGTM: Consistent use of new scala_artifact functions.

Dependencies correctly migrated to use scala_artifact_with_suffix.

Also applies to: 36-48

tools/build_rules/dependencies/scala_2_13_repository.bzl (1)

12-16:

❓ Verification inconclusive

Verify Scala library versions.

Check if these are the latest stable versions.

---

🌐 Web query:

What is the latest stable version of scala-library and scala-reflect for Scala 2.13?

💡 Result:

The latest stable versions for Scala 2.13 are:

• scala-library: 2.13.16
• scala-reflect: 2.13.16

These versions were released on January 15, 2025, as part of Scala’s ongoing maintenance of the 2.13 series[1][4]. Both artifacts are binary-compatible with earlier Scala 2.13.x releases[1][2], ensuring safe upgrades for existing projects.

Key Details:

• Binary Compatibility: Backward compatibility is guaranteed for scala-library and scala-reflect within the Scala 2.13 series[1][2].
• Availability: Available via Maven Central, sbt (scalaVersion), Scala CLI (using scala), or direct download from scala-lang.org[1][4].
• Notable Fixes in 2.13.16:
  • Breaking fix for .tail/.init on empty strings (throws exceptions instead of returning empty strings)[1].
  • Support for JDK 24 via ASM upgrade[1].
  • REPL improvements on Windows[1].

For migration guidance from older Scala versions (e.g., 2.12), use -Xmigration to flag potential issues[1][6].

Citations:

• 1: https://github.com/scala/scala/releases
• 2: https://docs.scala-lang.org/overviews/core/binary-compatibility-of-scala-releases.html
• 3: https://scala-native.org/en/stable/changelog/0.4.x/0.4.13.html
• 4: https://www.scala-lang.org/download/all.html
• 5: https://mvnrepository.com/artifact/org.scala-lang/scala-reflect/2.13.0
• 6: https://www.scala-lang.org/download/2.13.14.html
• 7: https://www.scala-lang.org/api/2.13.0/scala/reflect/index.html
• 8: https://www.scala-lang.org/download/2.13.0.html
• 9: https://github.com/scala/scala
• 10: https://mvnrepository.com/artifact/org.scala-lang/scala-library/2.13.1

---

Action: Ensure Scala Dependencies Use Latest Stable Version

Both scala-library and scala-reflect rely on SCALA_VERSION. For Scala 2.13, the latest stable version is 2.13.16 (released January 15, 2025). Please verify that SCALA_VERSION is set to 2.13.16. If not, update it accordingly to maintain consistency with the Scala 2.13 series.

• Confirm the value of SCALA_VERSION in the build configuration.
• Update to 2.13.16 if necessary.

hub/BUILD.bazel (1)

15-20:

❓ Verification inconclusive

LGTM! Verify dependency resolution.

Clean transition to rules_scala package for Scala dependencies.

Also applies to: 38-41, 43-51, 53-53

---

🏁 Script executed:

#!/bin/bash
# Verify that all dependencies resolve correctly
bazel query 'deps(//hub:lib)' --output=build

Length of output: 142

---

LGTM!

• Scala dependency updates are correct.
• Please manually verify dependency resolution in an environment with Bazel installed since the current query couldn't run.

api/BUILD.bazel (1)

41-42: LGTM! Clean migration to rules_scala.

Consistent with project-wide changes.

Also applies to: 56-68

online/BUILD.bazel (1)

14-19: LGTM! Comprehensive migration.

Successfully migrated all Scala dependencies to rules_scala.

Also applies to: 20-20, 25-28, 53-63

flink/BUILD.bazel (1)

15-17:

❓ Verification inconclusive

LGTM! Verify Flink compatibility.

Clean migration to rules_scala package.

Also applies to: 38-39, 50-60

---

🏁 Script executed:

#!/bin/bash
# Verify Flink-specific dependencies
bazel build //flink:flink_assembly

Length of output: 132

---

LGTM! Please verify Flink compatibility manually.

The migration to the rules_scala package seems correct; however, the Bazel build command failed due to Bazel not being found. Ensure Bazel is installed and run the build manually to confirm that Flink-specific dependencies (including changes at lines 38-39 and 50-60) work as expected.

tools/build_rules/prelude_bazel (5)

10-10: LGTM: Updated imports for new Scala artifact handling.

The import list now includes necessary functions for the new Scala dependency management approach.

---

17-18: LGTM: Added Bazel-friendly version string handling.

Good practice to use a dedicated variable for consistent version string formatting.

---

36-38: LGTM: Updated Scala dependencies to use rules_scala.

Dependencies now consistently use scala_artifact instead of maven_artifact.

Also applies to: 40-48

---

76-77: LGTM: Updated Flink test dependencies.

Scala dependencies in Flink tests now use scala_artifact.

---

102-104: LGTM: Updated Circe dependencies.

Circe dependencies now use scala_artifact_with_suffix consistently.

cloud_gcp/BUILD.bazel (1)

15-20: LGTM: Consistent dependency updates.

All Scala dependencies correctly migrated to use scala_artifact_with_suffix.

Also applies to: 29-29, 50-50, 62-63, 78-88

tools/build_rules/dependencies/maven_repository.bzl (1)

129-130: LGTM: Excluded core Scala libraries.

Correctly excluded scala-library and scala-reflect as they'll be managed by rules_scala.

spark/BUILD.bazel (1)

17-17: LGTM: Comprehensive dependency updates.

All Scala dependencies consistently migrated to use scala_artifact_with_suffix or scala_artifact.

Also applies to: 22-26, 36-36, 44-44, 63-73, 79-87

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Verify if unpinned dependencies are safe.

Setting pinned=False could lead to unexpected version changes.

---

🌐 Web query:

What are the risks of unpinned dependencies in Bazel?

💡 Result:

Unpinned dependencies in Bazel introduce significant risks related to security, reliability, and build reproducibility:

1. Security Vulnerabilities

• Third-party artifacts without pinned hashes can be tampered with if repositories like Maven Central are compromised[1]. Attackers could replace legitimate artifacts with malicious ones during downloads.
• Bazel mitigates this by allowing hash verification via sha256 fields in rules like http_archive, ensuring artifacts match expected integrity checks[2][7].

2. Diamond Dependency Conflicts

• Allowing multiple versions of the same library violates Bazel's One-Version Rule, leading to runtime errors when incompatible versions collide (e.g., v1 vs v2 of a library)[1][7].
• Example: If Target A depends on Library X (v1) and Target B updates to X (v2), A might break due to unresolved compatibility issues[5][9].

3. Non-Reproducible Builds

• Unpinned transitive dependencies can silently pull in newer versions, causing unpredictable behavior across environments[3][7].
• Bazel’s MODULE.bazel (via Bzlmod) enforces strict version resolution by building a dependency graph from declared modules, ensuring consistency[3].

4. Availability Risks

• Reliance on external repositories introduces downtime risks if services like Maven Central become unavailable[1]. Mirroring or vendoring dependencies (storing them internally) is recommended for critical projects[1][7].

5. Undeclared Dependency Breakage

• Implicit transitive dependencies may cause builds to fail when upstream changes occur (e.g., removing a library your code indirectly relied on)[5][10].
• Bazel’s strict dependency mode detects such issues by enforcing explicit declarations[1][5].

---

Mitigation Strategies

Risk	Solution
Security	Use sha256 hashes for artifacts[2][7]; vendor dependencies into source control[1].
Version Conflicts	Follow the One-Version Rule; use Bzlmod for centralized version resolution[3][7].
Reproducibility	Pin all transitive dependencies via MODULE.bazel; avoid automatic dependency resolution[3][9].
Undeclared Dependencies	Enable strict dependency checking and use tools like unused_deps to prune unnecessary entries[6][10].

By pinning dependencies with explicit versions/hashes and leveraging Bazel’s strict tooling, teams minimize these risks while maintaining scalable builds.

Citations:

• 1: https://bazel.build/basics/dependencies
• 2: https://testdriven.io/blog/bazel-builds/
• 3: https://bazel.build/external/overview
• 4: https://www.enbnt.dev/posts/why-bazel/
• 5: https://bazel.build/concepts/dependencies
• 6: https://github.com/bazelbuild/buildtools/blob/master/unused_deps/README.md
• 7: https://bazel.build/configure/best-practices
• 8: https://bazel.build/reference/be/java
• 9: https://www.wix.engineering/post/scaling-bazel-external-dependencies-at-wix
• 10: https://blog.bazel.build/2017/06/28/sjd-unused_deps.html

---

Attention: Dependency Pinning Risks

The current configuration leaves dependencies unpinned (i.e. pinned = False and maven_install_json = None), which can expose the build to:

• Security Risks: Artifacts could be tampered with if external repositories are compromised.
• Reproducibility Issues: Unpinned dependencies may lead to unexpected version changes.
• Version Conflicts: Potential for incompatible library versions (diamond dependency issues).

Please review if measures like hash verification or explicit version pinning can be applied to mitigate these concerns.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (4)

authoring/vscode/webpack.config.js (2)

4-6: Consider enabling production mode for better performance.

Mode 'none' disables all optimizations.

-    mode: 'none',
+    mode: 'production',

---

15-30: Consider adding source map support to ts-loader.

Enable source maps for better debugging.

     use: [
         {
-            loader: 'ts-loader'
+            loader: 'ts-loader',
+            options: {
+                compilerOptions: {
+                    sourceMap: true
+                }
+            }
         }
     ]

authoring/vscode/src/extension.ts (2)

27-27: Enhance regex pattern for Python assignments.

Pattern misses valid Python cases like foo: int = 42 or (a, b) = (1, 2).

-const varRegex = /^([a-zA-Z_][a-zA-Z0-9_]*)\s*=/gm;
+const varRegex = /^(?:([a-zA-Z_][a-zA-Z0-9_]*)|(?:\([^)]+\)))\s*(?::\s*[^=]+)?\s*=/gm;

---

71-76: LGTM! Consider disposable pattern.

Registration looks good. Consider returning disposable for cleanup.

+    const disposable = vscode.languages.registerCodeLensProvider(
         { language: 'python', scheme: 'file' },
         codeLensProvider
-    );
+    );
+    return disposable;

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between b0d6ac0 and 3017612.

⛔ Files ignored due to path filters (1)

• authoring/vscode/images/icon.png is excluded by !**/*.png

📒 Files selected for processing (7)

• .gitignore (1 hunks)
• authoring/vscode/.vscodeignore (1 hunks)
• authoring/vscode/LICENSE (1 hunks)
• authoring/vscode/package.json (1 hunks)
• authoring/vscode/src/extension.ts (1 hunks)
• authoring/vscode/tsconfig.json (1 hunks)
• authoring/vscode/webpack.config.js (1 hunks)

✅ Files skipped from review due to trivial changes (4)

• authoring/vscode/LICENSE
• authoring/vscode/.vscodeignore
• authoring/vscode/tsconfig.json
• authoring/vscode/package.json

🧰 Additional context used

🪛 Biome (1.9.4)

authoring/vscode/src/extension.ts

[error] 41-41: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

---

[error] 95-95: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

⏰ Context from checks skipped due to timeout of 90000ms (13)

• GitHub Check: streaming_tests
• GitHub Check: streaming_tests
• GitHub Check: groupby_tests
• GitHub Check: spark_tests
• GitHub Check: analyzer_tests
• GitHub Check: join_tests
• GitHub Check: spark_tests
• GitHub Check: join_tests
• GitHub Check: analyzer_tests
• GitHub Check: non_spark_tests
• GitHub Check: fetcher_tests
• GitHub Check: non_spark_tests
• GitHub Check: bazel_config_tests

🔇 Additional comments (4)

.gitignore (1)

105-106: New node_modules exclusion looks fine.

authoring/vscode/webpack.config.js (3)

7-11: LGTM! Output configuration is properly set for VSCode extension.

Correct library target and path resolution.

---

12-14: LGTM! VSCode dependency correctly marked as external.

Prevents bundling of VSCode API.

---

31-31:

❓ Verification inconclusive

Consider using 'source-map' for better debugging.

'nosources-source-map' hides source code in production but makes debugging harder.

---

🌐 Web query:

What are the differences between webpack devtool source map options?

💡 Result:

Webpack's devtool configuration offers multiple source map options that balance build speed, rebuild performance, and debugging accuracy. Here's a breakdown of key differences:

---

Development-Optimized Options

Prioritize faster builds/rebuilds with varying levels of source mapping:

Option	Speed	Source Quality	Output Method
eval	Fastest	Original filenames only	Inline via eval()
cheap-eval-source-map	Fast	Transpiled code (post-loader)	Inline via eval()
cheap-module-eval-source-map	Medium	Original source (pre-loader)	Inline via eval()
eval-source-map	Slow	Full fidelity with column mappings	Inline via eval()

Key tradeoffs:

• eval sacrifices source accuracy for speed[1][6]
• cheap-* variants ignore column-level details[1][6]
• module-* options use loader-generated source maps[1][5]

---

Production-Optimized Options

Focus on security and performance:

Option	Source Exposure	Browser Behavior	Use Case
source-map	Full original code	Auto-loads via comment	Error reporting services[1][9]
hidden-source-map	Full original code	Manual loading required	Restricted access deployments[1]
nosources-source-map	No source content	Shows line numbers only	Public-facing error reports[1][6]

Key considerations:

• source-map requires server protection for intellectual property[1][9]
• hidden-source-map prevents accidental public exposure[1][6]
• nosources-* balances debugging with code privacy[1][6]

---

Special Case Options

For specific toolchain requirements:

• inline-*: Embed maps directly in bundles (bloats file size)[6]
• cheap-module-source-map: Separate file with loader sources[5][7]
• cheap-source-map: No loader sources or column mappings[6]

---

Critical Implementation Notes

1. Combine with SourceMapDevToolPlugin for advanced control over:

   • File naming patterns ([file].map[query])[3]
   • Selective inclusion/exclusion of modules[3][5]
   • Custom URL paths for restricted access[3]

2. Production setups should:

   • Avoid eval-based methods (security/performance)[1][6]
   • Configure servers to block .map file access[1][9]
   • Use error reporting services that consume source maps[1]

3. Development workflows benefit from:

   • Browser devtools source map enablement[5][8]
   • Webpack's HMR integration with fast rebuild options[8]

The optimal choice depends on your specific debugging needs, build performance tolerance, and deployment security requirements. Start with cheap-module-eval-source-map for development and source-map/hidden-source-map for production as baseline configurations[1][5][6].

Citations:

• 1: https://blog.scottlogic.com/2017/11/01/webpack-source-map-options-quick-guide.html
• 2: https://web.dev/articles/source-maps
• 3: https://webpack.js.org/plugins/source-map-dev-tool-plugin/
• 4: https://www.bugsnag.com/blog/source-maps/
• 5: https://survivejs.com/books/webpack/building/source-maps/
• 6: https://webpack.js.org/configuration/devtool/
• 7: https://lvzhenbang.github.io/webpack-book/en/building/01_source_maps.html
• 8: https://www.youtube.com/watch?v=gmPCXQVDtIc
• 9: https://ehsangazar.com/source-maps-and-how-it-works-b3f93ca7ea5
• 10: https://www.youtube.com/watch?v=zrGX7EmFnMM

---

Switch to 'source-map' for improved debugging clarity.

• Location: authoring/vscode/webpack.config.js, line 31
• Current setting: 'nosources-source-map' hides source details, limiting debugging to line numbers.
• Suggestion: Use 'source-map' to enable full source context in stack traces—provided exposing code isn’t a concern in your environment.

[coderabbitai]

🛠️ Refactor suggestion

Add error handling for hover provider.

Add try-catch and use optional chaining.

-            if (hover && hover[0]) {
+            try {
+                if (hover?.[0]) {

Also applies to: 41-45

[coderabbitai]

🛠️ Refactor suggestion

Add error handling and configuration.

Terminal commands need error handling and configurable Python path.

-        const terminal = vscode.window.activeTerminal || vscode.window.createTerminal('Python Eval');
-        terminal.sendText(`python3 -c "from ${pythonPath} import ${varName}; from ai.chronon.eval import eval; eval(${varName})"`);
+        try {
+            const pythonPath = vscode.workspace.getConfiguration('python').get('defaultInterpreterPath', 'python3');
+            const terminal = vscode.window.activeTerminal || vscode.window.createTerminal('Python Eval');
+            terminal.sendText(`${pythonPath} -c "from ${pythonPath} import ${varName}; from ai.chronon.eval import eval; eval(${varName})"`);
+        } catch (error) {
+            vscode.window.showErrorMessage(`Failed to evaluate: ${error}`);
+        }

Committable suggestion skipped: line range outside the PR's diff.