Skip to content

chore: update dependencies to resolve Dependabot alerts #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mattinannt merged 1 commit into from
Oct 3, 2025
Merged

chore: update dependencies to resolve Dependabot alerts #15

mattinannt merged 1 commit into from
Oct 3, 2025

Conversation

@mattinannt
Copy link
Member

@mattinannt mattinannt commented Oct 3, 2025

Description

This PR updates npm dependencies to resolve Dependabot security alerts and keep dependencies up to date.

Changes

Root Package

  • Updated pnpm to 10.18.0
  • Updated prettier to 3.6.2
  • Updated turbo to 2.5.8
  • Updated typescript to 5.9.3

Playground App

  • Updated @types/node to 24
  • Updated eslint-config-next to 15.5.4
  • Updated react to 19.2.0
  • Updated react-dom to 19.2.0

JS Package

  • Updated terser to 5.44.0
  • Updated vite to 7.1.9
  • Updated vite-plugin-dts to 4.5.4

Testing

  • ✅ Build completed successfully with pnpm build
  • ✅ All packages compiled without errors
  • ✅ No breaking changes detected

Note

There are peer dependency warnings for eslint 9.26.0 compatibility with some plugins, but these are non-blocking and the build succeeds.

@mattinannt
chore: update dependencies to resolve Dependabot alerts
8c62b89 
- Updated pnpm to 10.18.0
- Updated prettier to 3.6.2
- Updated turbo to 2.5.8
- Updated typescript to 5.9.3
- Updated @types/node to 24
- Updated eslint-config-next to 15.5.4
- Updated react to 19.2.0
- Updated react-dom to 19.2.0
- Updated terser to 5.44.0
- Updated vite to 7.1.9
- Updated vite-plugin-dts to 4.5.4
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 3, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@coderabbitai
Copy link

coderabbitai bot commented Oct 3, 2025

Walkthrough

This change updates dependency versions across the repository without modifying application code. Workspace-level updates include devDependencies (prettier ^3.5.3→^3.6.2, turbo ^2.5.2→^2.5.8, typescript 5.8.2→5.9.3) and packageManager ([email protected][email protected]). The playground app bumps React/React DOM 19.1.1→19.2.0, @types/node ^20→^24, and eslint-config-next 15.3.1→15.5.4. The js package updates devDependencies: terser 5.39.0→5.44.0, vite 7.1.7→7.1.9, vite-plugin-dts 4.5.3→4.5.4. No runtime logic changes or exported/public API signature changes are indicated.

Pre-merge checks

✅ Passed checks (3 passed)
Check name Status Explanation
Title Check ✅ Passed The title clearly and succinctly describes the primary change of updating dependencies to resolve Dependabot security alerts, aligning with the actual changes in the pull request.
Description Check ✅ Passed The pull request description thoroughly details the dependency updates across the root package, playground app, and JS package, includes testing outcomes, and directly corresponds to the changeset.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8ac5eab and 8c62b89.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (3)
  • apps/playground/package.json (1 hunks)
  • package.json (1 hunks)
  • packages/js/package.json (1 hunks)

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mattinannt mattinannt merged commit 2ee2052 into main Oct 3, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mattinannt