PR #478 – Comment Triage

• Repo: RunanywhereAI/runanywhere-sdks
• PR Title: feat(ci): per-artifact build system foundation (pr-build + release workflows)
• PR URL: https://github.com/RunanywhereAI/runanywhere-sdks/pull/478
• Total review comments: 38 (+ 7 issue/general comments)
• Triage date: 2026-04-18

Summary & Status

This session addressed the 3 P1 defects flagged by Greptile in its latest review (comment #38 + PR-body summary, created 2026-04-18). No GitHub issues were opened per user instruction.

Section 1 – Quick & Easy Fixes

QEF-1 – auto-tag.yml missing pull-requests: write permission

• Source comment: https://github.com/RunanywhereAI/runanywhere-sdks/pull/478#discussion_r3105952276
• Author: greptile-apps[bot]
• File / location: .github/workflows/auto-tag.yml:32-34
• LUS (Legitimacy & Urgency): 5
• CS (Complexity): 1
• Type: bug

Original Comment:

Missing pull-requests: write permission breaks PR comment step When permissions is declared explicitly in a workflow, any scope not listed is implicitly set to none. The "Comment on merged PR" step runs gh pr comment which requires pull-requests: write. With only contents: write declared, that step will always exit with a 403.

Fix applied:

permissions:
  contents: write       # needed to commit version bump + push tag
  pull-requests: write  # needed for gh pr comment on the merged PR

Status: ✅ Fixed — pull-requests: write added to auto-tag.yml

QEF-2 – sync-versions.sh silently skips runanywhere_genie/pubspec.yaml

• Source comment: Greptile PR-body summary (2026-04-18) + inline context
• Author: greptile-apps[bot]
• File / location: scripts/sync-versions.sh:134-141
• LUS (Legitimacy & Urgency): 5
• CS (Complexity): 1
• Type: bug

Original Comment:

runanywhere_genie pubspec.yaml silently skipped on every version bump sdk/runanywhere-flutter/packages/runanywhere_genie/pubspec.yaml exists and contains version: 0.16.0, but it is absent from the loop. After every sync-versions.sh call the genie package stays pinned to the old version, so a release ships with inconsistent Flutter package versions.

Fix applied: Added runanywhere_genie/pubspec.yaml to the Flutter packages loop:

for pkg in \
    ".../runanywhere/pubspec.yaml" \
    ".../runanywhere_genie/pubspec.yaml" \   # ← added
    ".../runanywhere_llamacpp/pubspec.yaml" \
    ".../runanywhere_onnx/pubspec.yaml"; do

Status: ✅ Fixed

QEF-3 – validate_consumer_swift can start before native_ios finishes

• Source comment: Greptile PR-body summary (2026-04-18)
• Author: greptile-apps[bot]
• File / location: .github/workflows/release.yml:342-344
• LUS (Legitimacy & Urgency): 4
• CS (Complexity): 1
• Type: bug

Original Comment:

validate_consumer_swift can start before native_ios finishes This job gates on sdk_kotlin (~60 min) but downloads the native-ios-macos artifact from native_ios (~90 min). Because they run in parallel, validate_consumer_swift can start while the iOS build is still running, causing download-artifact to fail with "artifact not found." continue-on-error: true hides this but the validation never actually runs.

Fix applied: Added native_ios to the needs list:

needs: [validate, native_ios, sdk_kotlin]  # native_ios produces the iOS artifact this job downloads

Status: ✅ Fixed

Previously Addressed Comments (35 bot comments, rounds 1-2)

The PR description states "37 review comments from Greptile + CodeRabbit addressed" as of the prior commits. Key items that were verified already resolved:

Section 2 – Larger / Structural Issues

Per user instruction, no GitHub issues were opened. Items that warrant future tracking: