Skip to content

chore: update dependencies #370

Open
setchy wants to merge 23 commits intothoughtworks:masterfrom
setchy:chore/deps
Open

chore: update dependencies #370
setchy wants to merge 23 commits intothoughtworks:masterfrom
setchy:chore/deps

Conversation

@setchy
Copy link
Copy Markdown
Contributor

@setchy setchy commented Apr 11, 2024
edited
Loading

This PR uses npm-check-updates (ncu) to update the dependencies used in BYOR.

@setchy setchy requested review from a team and will-amaral as code owners April 11, 2024 03:46
setchy
setchy commented Apr 11, 2024
View reviewed changes
Comment thread src/util/factory.js
@setchy
Copy link
Copy Markdown
Contributor Author

setchy commented Nov 26, 2024
edited
Loading

fresh update of deps, including vulnerability fixes

9 vulnerabilities (3 low, 1 moderate, 5 high)

@setchy
chore(deps): bump to latest
7a9ff40 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
chore(deps): bump to latest
33c5664 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Merge branch 'thoughtworks:master' into chore/deps
8fda0f8
@setchy setchy mentioned this pull request Nov 19, 2025
Open
@setchy
Merge remote-tracking branch 'origin/master' into chore/deps
5e25891 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Copy link
Copy Markdown
Contributor Author

setchy commented Apr 15, 2026

Refreshed branch...

Copilot AI review requested due to automatic review settings April 15, 2026 14:18
Copilot AI reviewed Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates BYOR’s frontend/tooling dependencies (via npm-check-updates) and adjusts build/config files to keep the webpack + Node environment compatible with the upgraded packages.

Changes:

  • Bumped a broad set of npm dependencies/devDependencies (including webpack toolchain, eslint, jest, cypress, jQuery, etc.).
  • Updated Node version expectations (Dockerfile + .nvmrc + package.json engines).
  • Tweaked webpack css-loader options and applied a small formatting-only change in src/util/factory.js.

Reviewed changes

Copilot reviewed 5 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
webpack.prod.js Updates css-loader options for compatibility with newer loader behavior.
webpack.dev.js Same css-loader option update as prod config.
src/util/factory.js Formatting-only change to ternary indentation.
package.json Dependency upgrades and raises Node/npm engine requirements.
Dockerfile Updates nginx base image and installs Node 24.x via NodeSource.
.nvmrc Aligns local Node version to v24.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread package.json
Comment on lines +82 to +83
"node": ">=24",
"npm": ">=11"
Copy link

Copilot AI Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

engines is now node >=24 / npm >=11, but the CircleCI executors still run Node 18 (e.g. .circleci/config.yml:11 and .circleci/deployment-workflow.yml:10). This will likely break CI/package installation due to engine constraints. Either bump the CI images to Node 24+ (and npm 11+) or relax the engines values to match the versions you intend to support.

Suggested change
"node": ">=24",
"npm": ">=11"
"node": ">=18",
"npm": ">=9"

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@will-amaral will-amaral Awaiting requested review from will-amaral

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@setchy