ci: auto-bump cursor-review SHA in all caller repos on release

[mattmillerai]

Summary

Adds a workflow that triggers whenever cursor-review.yml is updated on main and opens a one-line SHA-bump PR in each caller repo, authored by Cloud Code Bot so they are easy to filter, approve, and merge.

How it works

1. Push to main changes cursor-review.yml → workflow triggers
2. For each repo in the CALLERS list, fetches the caller file, replaces every 40-char hex SHA with ${{ github.sha }}, and opens a PR via the Cloud Code Bot token
3. PRs use a consistent branch name (ci/bump-cursor-review-<7-char-sha>) so duplicates are safe (the branch-create is idempotent)

Prerequisites (one-time setup)

• Add APP_ID variable to this repo (vars.APP_ID — the Cloud Code Bot GitHub App ID)
• Add CLOUD_CODE_BOT_PRIVATE_KEY secret to this repo

Adding a new caller repo

Append a "Comfy-Org/repo-name|.github/workflows/ci-cursor-review.yml" entry to the CALLERS array in the workflow.

[coderabbitai]

Warning

Review limit reached

@mattmillerai, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 14 minutes and 9 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: be10de9c-3559-4542-81d1-8665fc65da48

📥 Commits

Reviewing files that changed from the base of the PR and between 047ca48 and 86a1073.

📒 Files selected for processing (1)

• .github/workflows/bump-cursor-review-callers.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/auto-bump-cursor-review-callers

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch ci/auto-bump-cursor-review-callers

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}