feat(extensions): add update command to extensions cli

[villebro]

User description

SUMMARY

This adds a new update command that will be needed for introducing translations, and will do general automated metadata syncing and updating across frontend/backend.

Changes

• Adds superset-extensions update command that syncs derived files (package.json, pyproject.toml) from extension.json
• --version [<version>] and --license [<license>] flags set new values across all files; both prompt with the current value as default when used without a value
• validate now checks version and license consistency across extension.json, package.json, and pyproject.toml (non-zero exit on mismatch, useful for CI)
• Adds symmetric write_json/write_toml utils alongside existing read_json/read_toml
• Adds tomli-w as a dependency for TOML writing
• Added descriptions to all existing commands, as they were missing (init, build, dev etc)

Test plan

• Added 9 new tests (update command with version/license/prompt, license validation, util round-trips)
• Existing build tests updated to account for new version validation in the build pipeline

Examples

Validate

$ superset-extensions validate
❌ Metadata mismatch detected:
  backend/pyproject.toml version: 0.1.1 (expected 0.1.0)
  backend/pyproject.toml license: MIT (expected Apache-2.0)
Run `superset-extensions update` to sync from extension.json.

If the backend's pyproject.toml is out of sync

$ superset-extensions update
✅ Updated backend/pyproject.toml

Update version interactively:

$ superset-extensions update --version
Version [0.1.0]: 0.1.1
✅ Updated extension.json
✅ Updated frontend/package.json
✅ Updated backend/pyproject.toml

Update version inline:

$ superset-extensions update --version 0.1.0
✅ Updated extension.json
✅ Updated frontend/package.json
✅ Updated backend/pyproject.toml

Update both license and version interactively:

$ superset-extensions update --version --license
Version [0.1.0]:
License [Apache-2.0]: MIT
✅ Updated extension.json
✅ Updated frontend/package.json
✅ Updated backend/pyproject.toml

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

---

CodeAnt-AI Description

Add an update command and strict metadata consistency checks to the CLI

What Changed

• New superset-extensions update command that syncs version and license from extension.json into frontend/package.json and backend/pyproject.toml; shows which files were updated or reports "All files already up to date."
• --version [<version>] and --license [<license>] flags allow setting values inline or prompt for them when used without a value.
• superset-extensions validate now fails when version or license in frontend/backend do not match extension.json and prints a clear "Metadata mismatch detected" message advising superset-extensions update.
• Added read/write utilities and tests for JSON/TOML round-trip; included TOML write dependency so pyproject.toml can be updated.

Impact

✅ Clearer metadata mismatch errors
✅ Shorter fix cycle for version/license drift
✅ Fewer CI failures from inconsistent extension metadata

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[bito-code-review]

Code Review Agent Run #1255ff

Actionable Suggestions - 0

Additional Suggestions - 4

• requirements/base.txt - 2

  • Avoid editing generated files · Line 18-20
    The requirements/base.txt file is autogenerated by uv pip compile, as indicated by the header comment. Manual edits to generated files can lead to inconsistencies between source dependencies and pinned versions. Instead of editing this file directly, update the source dependency specifications and regenerate the requirements.
  • Avoid editing generated files · Line 167-167
    The requirements/base.txt file is autogenerated by uv pip compile, as indicated by the header comment. Manual edits to generated files can lead to inconsistencies between source dependencies and pinned versions. Instead of editing this file directly, update the source dependency specifications and regenerate the requirements.
• superset-extensions-cli/tests/conftest.py - 1

  • Missing Type Hint · Line 144-144
    The new `extension_with_versions` fixture lacks a return type hint, violating the project's type safety rules for new Python code. This will cause mypy to fail during pre-commit checks. Annotate it as `-> Callable[[Path, str, str | None, str | None], None]` and ensure `from typing import Callable` is imported.
    Code suggestion

     @@ -18,6 +18,7 @@
      from __future__ import annotations
    +from typing import Callable
      import json
      import os
      from pathlib import Path
     
      import pytest
      from click.testing import CliRunner
     
     
     @@ -144,1 +145,1 @@
    -def extension_with_versions():
    +def extension_with_versions() -> Callable[[Path, str, str | None, str | None], None]:

• superset-extensions-cli/src/superset_extensions_cli/cli.py - 1

  • Function complexity exceeds threshold · Line 419-419
    The `update` function has a cyclomatic complexity of 11, exceeding the threshold of 10. Consider refactoring by extracting version update logic into separate helper functions to improve readability and maintainability.
    Code suggestion

     @@ -419,50 +419,70 @@
      def update(version_opt: str | None) -> None:
          """Update derived and generated files in the extension project."""
          cwd = Path.cwd()
     
          extension_json_path = cwd / "extension.json"
          extension_data = read_json(extension_json_path)
          if not extension_data:
              click.secho("❌ extension.json not found.", err=True, fg="red")
              sys.exit(1)
     
          try:
              extension = ExtensionConfig.model_validate(extension_data)
          except Exception as e:
              click.secho(f"❌ Invalid extension.json: {e}", err=True, fg="red")
              sys.exit(1)
     
          updated: list[str] = []
     
          if version_opt and version_opt != extension.version:
              extension_data["version"] = version_opt
              write_json(extension_json_path, extension_data)
              updated.append("extension.json")
              target_version = version_opt
          else:
              target_version = extension.version
     
    -    frontend_pkg_path = cwd / "frontend" / "package.json"
    -    if frontend_pkg_path.is_file():
    -        frontend_pkg = read_json(frontend_pkg_path)
    -        if frontend_pkg and frontend_pkg.get("version") != target_version:
    -            frontend_pkg["version"] = target_version
    -            write_json(frontend_pkg_path, frontend_pkg)
    -            updated.append("frontend/package.json")
    +    _update_frontend_version(cwd, target_version, updated)
    +    _update_backend_version(cwd, target_version, updated)
     
    -    backend_pyproject_path = cwd / "backend" / "pyproject.toml"
    -    if backend_pyproject_path.is_file():
    -        backend_pyproject = read_toml(backend_pyproject_path)
    -        if backend_pyproject:
    -            backend_version = backend_pyproject.get("project", {}).get("version")
    -            if backend_version != target_version:
    -                backend_pyproject.setdefault("project", {})["version"] = target_version
    -                write_toml(backend_pyproject_path, backend_pyproject)
    -                updated.append("backend/pyproject.toml")
     
          if updated:
              for path in updated:
                  click.secho(f"✅ Updated {path} to {target_version}", fg="green")
          else:
              click.secho("✅ All versions already match.", fg="green")
    +
    +
    +def _update_frontend_version(cwd: Path, target_version: str, updated: list[str]) -> None:
    +    """Update frontend package.json version."""
    +    frontend_pkg_path = cwd / "frontend" / "package.json"
    +    if frontend_pkg_path.is_file():
    +        frontend_pkg = read_json(frontend_pkg_path)
    +        if frontend_pkg and frontend_pkg.get("version") != target_version:
    +            frontend_pkg["version"] = target_version
    +            write_json(frontend_pkg_path, frontend_pkg)
    +            updated.append("frontend/package.json")
    +
    +
    +def _update_backend_version(cwd: Path, target_version: str, updated: list[str]) -> None:
    +    """Update backend pyproject.toml version."""
    +    backend_pyproject_path = cwd / "backend" / "pyproject.toml"
    +    if backend_pyproject_path.is_file():
    +        backend_pyproject = read_toml(backend_pyproject_path)
    +        if backend_pyproject:
    +            backend_version = backend_pyproject.get("project", {}).get("version")
    +            if backend_version != target_version:
    +                backend_pyproject.setdefault("project", {})["version"] = target_version
    +                write_toml(backend_pyproject_path, backend_pyproject)
    +                updated.append("backend/pyproject.toml")

Review Details

• Files reviewed - 10 · Commit Range: 242f17f..242f17f

  • requirements/base.txt
  • requirements/development.txt
  • superset-extensions-cli/pyproject.toml
  • superset-extensions-cli/src/superset_extensions_cli/cli.py
  • superset-extensions-cli/src/superset_extensions_cli/utils.py
  • superset-extensions-cli/tests/conftest.py
  • superset-extensions-cli/tests/test_cli_build.py
  • superset-extensions-cli/tests/test_cli_update.py
  • superset-extensions-cli/tests/test_cli_validate.py
  • superset-extensions-cli/tests/test_utils.py
• Files skipped - 1

  • docs/developer_docs/extensions/development.md - Reason: Filter setting
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful
  • MyPy (Static Code Analysis) - ✔︎ Successful
  • Astral Ruff (Static Code Analysis) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by

[codeant-ai-for-open-source]

Sequence Diagram

This PR adds an update command that makes extension json the source of truth for version values and propagates that version to frontend and backend metadata files. It also extends validate to fail when versions diverge and direct users to run update.

sequenceDiagram
    participant Developer
    participant CLI
    participant ExtensionFile
    participant FrontendFile
    participant BackendFile

    Developer->>CLI: Run update with optional version
    CLI->>ExtensionFile: Read current version
    alt Version flag is provided
        CLI->>ExtensionFile: Write new version
    end
    CLI->>FrontendFile: Sync package version
    CLI->>BackendFile: Sync project version
    CLI-->>Developer: Report updated files or no changes

    Developer->>CLI: Run validate
    CLI->>FrontendFile: Check version matches extension file
    CLI->>BackendFile: Check version matches extension file
    CLI-->>Developer: Validation success or mismatch with update guidance

Loading

---

Generated by CodeAnt AI

[netlify]

✅ Deploy Preview for superset-docs-preview ready!

Name	Link
🔨 Latest commit	c51d90d
🔍 Latest deploy log	https://app.netlify.com/projects/superset-docs-preview/deploys/69b57b4c6d203400088ea025
😎 Deploy Preview	https://deploy-preview-38651--superset-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[codecov]

Codecov Report

❌ Patch coverage is 96.00000% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.37%. Comparing base (48220fb) to head (b0517df).
⚠️ Report is 4 commits behind head on master.

Files with missing lines	Patch %	Lines
...-extensions-cli/src/superset_extensions_cli/cli.py	95.78%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #38651      +/-   ##
==========================================
- Coverage   64.98%   64.37%   -0.62%     
==========================================
  Files        1819     2537     +718     
  Lines       72515   130164   +57649     
  Branches    23149    29905    +6756     
==========================================
+ Hits        47126    83789   +36663     
- Misses      25389    44923   +19534     
- Partials        0     1452    +1452     

Flag	Coverage Δ
hive	40.59% <ø> (?)
mysql	61.59% <ø> (?)
postgres	61.66% <ø> (?)
presto	40.61% <ø> (?)
python	63.27% <ø> (?)
sqlite	61.29% <ø> (?)
superset-extensions-cli	90.82% <96.00%> (?)
unit	100.00% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[bito-code-review]

Code Review Agent Run #3abf02

Actionable Suggestions - 1

• superset-extensions-cli/src/superset_extensions_cli/cli.py - 1

  • License comparison bug in validation · Line 406-410

Review Details

• Files reviewed - 6 · Commit Range: 242f17f..16fc206

  • superset-extensions-cli/src/superset_extensions_cli/cli.py
  • superset-extensions-cli/tests/conftest.py
  • superset-extensions-cli/tests/test_cli_update.py
  • superset-extensions-cli/tests/test_cli_validate.py
  • requirements/base.txt
  • requirements/development.txt
• Files skipped - 1

  • docs/developer_docs/extensions/development.md - Reason: Filter setting
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful
  • MyPy (Static Code Analysis) - ✔︎ Successful
  • Astral Ruff (Static Code Analysis) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by

[bito-code-review]

Code Review Agent Run #40cd39

Actionable Suggestions - 0

Review Details

• Files reviewed - 3 · Commit Range: 16fc206..b0517df

  • superset-extensions-cli/tests/conftest.py
  • superset-extensions-cli/src/superset_extensions_cli/cli.py
  • superset-extensions-cli/tests/test_cli_update.py
• Files skipped - 0
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful
  • MyPy (Static Code Analysis) - ✔︎ Successful
  • Astral Ruff (Static Code Analysis) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by