chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates#1929
chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates#1929dependabot[bot] wants to merge 1 commit into
Conversation
|
Prompt To Fix All With AIFix the following 1 code review issue. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 1
packages/client/base/package.json:33
`@types/uuid` is now a deprecated stub — the pnpm lockfile explicitly records the deprecation notice: "This is a stub types definition. uuid provides its own type definitions, so you do not need this installed." Since uuid has bundled its own types since v9, this devDependency can be safely removed to avoid confusion.
Reviews (1): Last reviewed commit: "chore(deps): bump the npm_and_yarn group..." | Re-trigger Greptile |
a9957c4 to
21cf1e4
Compare
Prompt To Fix All With AIFix the following 2 code review issues. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 2
packages/client/base/package.json:27
**uuid jumps three major versions — verify Node.js and CJS compatibility**
This bumps `uuid` from 11.1.1 all the way to 14.0.0, crossing three major releases with cumulative breaking changes: v12 dropped CommonJS support, v13 made browser exports the default resolver, and v14 requires Node 20+ (global `crypto` must be available). Since `uuid` is a runtime `dependency` (not devDependency) of `packages/client/base`, any server-side consumer of this SDK running on Node 18 will encounter a runtime failure. Please confirm the minimum Node.js version for this project is ≥20 before merging.
### Issue 2 of 2
apps/auth/remix-ssr/package.json:38
**Vite major version bump — verify build config compatibility**
`vite` is upgraded from `^5.1.0` to `^6.4.3`, a major version bump. Vite 6 ships security fixes (path traversal, UNC path rejection) but also changes defaults in areas like `resolve.conditions` and optimizer behavior. Confirm the existing `vite.config.*` in this app is compatible with Vite 6's API and that the build still succeeds end-to-end after this change.
Reviews (2): Last reviewed commit: "chore(deps): bump the npm_and_yarn group..." | Re-trigger Greptile |
| "@datadog/browser-logs": "6.24.1", | ||
| "exponential-backoff": "3.1.1", | ||
| "uuid": "11.1.1", | ||
| "uuid": "14.0.0", |
There was a problem hiding this comment.
uuid jumps three major versions — verify Node.js and CJS compatibility
This bumps uuid from 11.1.1 all the way to 14.0.0, crossing three major releases with cumulative breaking changes: v12 dropped CommonJS support, v13 made browser exports the default resolver, and v14 requires Node 20+ (global crypto must be available). Since uuid is a runtime dependency (not devDependency) of packages/client/base, any server-side consumer of this SDK running on Node 18 will encounter a runtime failure. Please confirm the minimum Node.js version for this project is ≥20 before merging.
Prompt To Fix With AI
This is a comment left during a code review.
Path: packages/client/base/package.json
Line: 27
Comment:
**uuid jumps three major versions — verify Node.js and CJS compatibility**
This bumps `uuid` from 11.1.1 all the way to 14.0.0, crossing three major releases with cumulative breaking changes: v12 dropped CommonJS support, v13 made browser exports the default resolver, and v14 requires Node 20+ (global `crypto` must be available). Since `uuid` is a runtime `dependency` (not devDependency) of `packages/client/base`, any server-side consumer of this SDK running on Node 18 will encounter a runtime failure. Please confirm the minimum Node.js version for this project is ≥20 before merging.
How can I resolve this? If you propose a fix, please make it concise.Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
| "tailwindcss": "^3.4.4", | ||
| "typescript": "^5.1.6", | ||
| "vite": "^5.1.0", | ||
| "vite": "^6.4.3", |
There was a problem hiding this comment.
Vite major version bump — verify build config compatibility
vite is upgraded from ^5.1.0 to ^6.4.3, a major version bump. Vite 6 ships security fixes (path traversal, UNC path rejection) but also changes defaults in areas like resolve.conditions and optimizer behavior. Confirm the existing vite.config.* in this app is compatible with Vite 6's API and that the build still succeeds end-to-end after this change.
Prompt To Fix With AI
This is a comment left during a code review.
Path: apps/auth/remix-ssr/package.json
Line: 38
Comment:
**Vite major version bump — verify build config compatibility**
`vite` is upgraded from `^5.1.0` to `^6.4.3`, a major version bump. Vite 6 ships security fixes (path traversal, UNC path rejection) but also changes defaults in areas like `resolve.conditions` and optimizer behavior. Confirm the existing `vite.config.*` in this app is compatible with Vite 6's API and that the build still succeeds end-to-end after this change.
How can I resolve this? If you propose a fix, please make it concise.Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
…updates Bumps the npm_and_yarn group with 2 updates in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [uuid](https://github.com/uuidjs/uuid). Bumps the npm_and_yarn group with 1 update in the /packages/client/wallets/walletconnect directory: [postcss](https://github.com/postcss/postcss). Updates `vite` from 5.4.21 to 6.4.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite) Updates `uuid` from 11.1.1 to 14.0.0 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v11.1.1...v14.0.0) Updates `uuid` from 11.1.1 to 14.0.0 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v11.1.1...v14.0.0) Updates `vite` from 5.4.21 to 6.4.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite) Updates `postcss` from 8.4.35 to 8.5.10 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.35...8.5.10) Updates `postcss` from 8.4.35 to 8.5.10 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.35...8.5.10) --- updated-dependencies: - dependency-name: postcss dependency-version: 8.5.10 dependency-type: direct:development - dependency-name: postcss dependency-version: 8.5.10 dependency-type: direct:development - dependency-name: uuid dependency-version: 14.0.0 dependency-type: direct:production - dependency-name: uuid dependency-version: 14.0.0 dependency-type: direct:production - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
21cf1e4 to
3e0c909
Compare
|
Reviews (3): Last reviewed commit: "chore(deps): bump the npm_and_yarn group..." | Re-trigger Greptile |
Bumps the npm_and_yarn group with 2 updates in the / directory: vite and uuid.
Bumps the npm_and_yarn group with 1 update in the /packages/client/wallets/walletconnect directory: postcss.
Updates
vitefrom 5.4.21 to 6.4.3Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
6c2c881release: v6.4.396b0c10fix: backport #22572, reject windows alternate paths (#22576)8fed5cffix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...6b3fad0release: v6.4.2ca4da5dfix: avoid path traversal with optimize deps sourcemap handler (#22161)fe28e47fix: apply server.fs check to env transport (#22159) (#22163)5487f4frelease: v6.4.11114b5dfix(dev): trim trailing slash beforeserver.fs.denycheck (#20968) (#20969)f12697crelease: v6.4.0ca6455efeat: allow passing down resolved config to vite's createServer (#20932)Updates
uuidfrom 11.1.1 to 14.0.0Release notes
Sourced from uuid's releases.
... (truncated)
Changelog
Sourced from uuid's changelog.
... (truncated)
Commits
7c1ea08chore(main): release 14.0.0 (#926)3d2c5b0Merge commit from forkf2c235ffix!: expectcryptoto be global everywhere (requires node@20+) (#935)529ef08chore: upgrade TypeScript and fixup types (#927)086fd79chore: update dependencies (#933)dc4ddb8feat!: drop node@18 support (#934)0f1f9c9chore: switch to Biome for parsing and linting (#932)e2879e6chore: use maintained version of npm-run-all (#930)ffa3138fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)0423d49docs: remove obsolete v1 option notes (#915)Updates
uuidfrom 11.1.1 to 14.0.0Release notes
Sourced from uuid's releases.
... (truncated)
Changelog
Sourced from uuid's changelog.
... (truncated)
Commits
7c1ea08chore(main): release 14.0.0 (#926)3d2c5b0Merge commit from forkf2c235ffix!: expectcryptoto be global everywhere (requires node@20+) (#935)529ef08chore: upgrade TypeScript and fixup types (#927)086fd79chore: update dependencies (#933)dc4ddb8feat!: drop node@18 support (#934)0f1f9c9chore: switch to Biome for parsing and linting (#932)e2879e6chore: use maintained version of npm-run-all (#930)ffa3138fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)0423d49docs: remove obsolete v1 option notes (#915)Updates
vitefrom 5.4.21 to 6.4.3Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
6c2c881release: v6.4.396b0c10fix: backport #22572, reject windows alternate paths (#22576)8fed5cffix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...6b3fad0release: v6.4.2ca4da5dfix: avoid path traversal with optimize deps sourcemap handler (#22161)fe28e47fix: apply server.fs check to env transport (#22159) (#22163)5487f4frelease: v6.4.11114b5dfix(dev): trim trailing slash beforeserver.fs.denycheck (#20968) (#20969)f12697crelease: v6.4.0ca6455efeat: allow passing down resolved config to vite's createServer (#20932)Updates
postcssfrom 8.4.35 to 8.5.10Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
33b9790Release 8.5.10 version536c79eEscape </style> in CSS output (#2074)afa96b2Update dependencies (#2073)effe88bTypo (#2072)3ee79a2Thread model (#2071)2e0683dCreate incident response docs (#2070)fe88ac2Release 8.5.9 versionc551632Avoid RegExp when we can use simple JS89a6b74Move SECURITY.txt for docs folder to keep GitHub page cleaner6ceb8a4Create SECURITY.mdUpdates
postcssfrom 8.4.35 to 8.5.10Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
33b9790Release 8.5.10 version536c79eEscape </style> in CSS output (#2074)afa96b2Update dependencies (#2073)effe88bTypo (#2072)3ee79a2Thread model (#2071)2e0683dCreate incident response docs (#2070)fe88ac2Release 8.5.9 versionc551632Avoid RegExp when we can use simple JS89a6b74Move SECURITY.txt for docs folder to keep GitHub page cleaner6ceb8a4Create SECURITY.md