Update dependencies #1277
Merged
Update dependencies #1277
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Huulivoide
force-pushed
the
update-node-deps-novemeber
branch
5 times, most recently
from
7edd713 to
42b66f0
Compare
Jontzii
approved these changes
Dec 2, 2025
Member
Jontzii
left a comment
Jontzii
left a comment
There was a problem hiding this comment.
@Jontzii reviewed 20 of 20 files at r1, 7 of 7 files at r2, all commit messages.
Reviewable status:complete! all files reviewed, all discussions resolved (waiting on @Huulivoide)
Huulivoide
force-pushed
the
update-node-deps-novemeber
branch
3 times, most recently
from
36e486d to
0ef64af
Compare
* Use proper reference and compose configs. * Drop duplicate settings declarations.
* Update build stage alpine image to version 3.22. * Drop curl installation, it is not used for anything.
Versions not updated: -------------------- * Apollo client V3 → V4: A major upgrade * Headless UI + Tailwind: Major upgrades, separate ticket * Rollup commonjs/ts plugins: need config changes * React: Sticking to V8 * Cypress: Major upgrade, needs coordination with node version * next: Possibly straight upgrade, held for now * zod: Major upgrade Other version notes: -------------------- * react-hook-form: Bound to version 7.66.1, 7.67 has a typing bug, which is fixed in main, but has not been published to NPM yet. * uuid: Bound to version 11.1.0, 12+ versions have problems with CJS/MJS import styles, and just don't work properly with our setup. Eventually should be replaced with `crypto.randonUUID()` calls, but we need HTTPS support in the CI test runs before we can do that. On Zod: ------- The react-hooks eslint plugin version has dependency on Zod V4, while we are still using V3. Normally this would not be a problem, and under no-packaging-bugs scenario yarn would install the multiple versions of the package in correct sub-directories and TypeScript and code bundlers would be able to load the correct version when needed. But sadly there is a packaging bug in @hookform/resolvers package (at leas on the old non-updated version we are using), that being a missing peer-deps declaration to the required zod version. I.e. the resolver imports zod, but does not declare that it specifically needs the V3, thus it is possible that under certain scenarios, the V4 of zod gets installed to the root node_modules, resulting that version being loaded into the resolves code. Specifically this happens when trying to build the Docker image. Fix: Added a dependency to zip v3 to the root package.json of our repo, this is not a true shared dependency, but this ensures that V3 gets installed as the deduplicated primary version, and v4 gets nested under the eslint plugin's internal node_modules directory.
Huulivoide
force-pushed
the
update-node-deps-novemeber
branch
from
0ef64af to
2bbd090
Compare
Jontzii
approved these changes
Dec 3, 2025
Member
Jontzii
left a comment
Jontzii
left a comment
There was a problem hiding this comment.
@Jontzii reviewed 19 of 19 files at r3, all commit messages.
Reviewable status:
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix couple of import mistakes
E2E: Fix TDBM imports
Require Node V24 to be used
Enable type checkking in codegen submodule
Update TSConfigs
Update Dockerfile
TDBM: Cypress bundle - use browser module versions (uuid)
Update dependencies
Versions not updated
Other version notes
crypto.randonUUID()calls, but we need HTTPS support in the CI test runs before we can do that.On zod
The react-hooks eslint plugin version has dependency on Zod V4, while we are still using V3. Normally this would not be a problem, and under no-packaging-bugs scenario yarn would install the multiple versions of the package in correct sub-directories and TypeScript and code bundlers would be able to load the correct version when needed.
But sadly there is a packaging bug in @hookform/resolvers package (at leas on the old non-updated version we are using), that being a missing peer-deps declaration to the required zod version. I.e. the resolver imports zod, but does not declare that it specifically needs the V3, thus it is possible that under certain scenarios, the V4 of zod gets installed to the root node_modules, resulting that version being loaded into the resolves code. Specifically this happens when trying to build the Docker image.
Fix: Added a dependency to zip v3 to the root package.json of our repo, this is not a true shared dependency, but this ensures that V3 gets installed as the deduplicated primary version, and v4 gets nested under the eslint plugin's internal node_modules directory.
This change is