Lib updates#1035
Conversation
|
Warning Review limit reached
More reviews will be available in 50 minutes and 34 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (2)
📒 Files selected for processing (18)
📝 WalkthroughWalkthroughThis PR modernizes the application's frontend and backend infrastructure through four independent changes: upgrading Gradle and backend dependencies, migrating the icon system from FontAwesome to lucide-react, introducing a new Recharts-based chart infrastructure, and updating frontend dependencies and build configuration. ChangesBackend Build Tools and Dependencies
Frontend Icon System Migration: FontAwesome to lucide-react
Recharts-based Chart Infrastructure
Frontend Dependencies and Build Configuration
🎯 3 (Moderate) | ⏱️ ~25 minutes
🚥 Pre-merge checks | ✅ 3 | ❌ 2❌ Failed checks (1 warning, 1 inconclusive)
✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Isti01
force-pushed
the
feature/lib-updates
branch
from
25e0849 to
5f7cbd5
Compare
Isti01
force-pushed
the
feature/lib-updates
branch
from
5f7cbd5 to
d23efa5
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (1)
frontend/src/components/ui/chart.tsx (1)
168-170: 💤 Low valueProvide a fallback for the React key.
item.dataKeycan be undefined in some Recharts payload scenarios. Consider usingindexas a fallback to ensure stable keys.♻️ Proposed fix
- <div - key={item.dataKey} + <div + key={item.dataKey ?? index}🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/src/components/ui/chart.tsx` around lines 168 - 170, The React list key uses item.dataKey which can be undefined; update the component render (the map where item and index are available) to use a stable fallback such as index when item.dataKey is falsy — e.g., replace key={item.dataKey} with key={item.dataKey ?? index} or similar logic inside the map that renders the <div> so the key is always defined; ensure you reference the same item variable from the map callback and preserve existing uniqueness intent.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@backend/build.gradle.kts`:
- Line 8: Align or justify the dependency-check plugin version: update the
org.owasp.dependencycheck plugin entry in backend/build.gradle.kts to the
published stable version (12.2.0) unless you have a specific reason to pin
12.2.2 and document that justification in the commit message; also verify the
other pinned BOM/dependency versions listed (org.sonarqube 7.3.0.8198,
com.google.auth 1.47.0, io.micrometer 1.16.5, kotlinx-coroutines-core 1.11.0,
software.amazon.awssdk:s3 2.44.12) are intended and consistent with the project
policy, and add a short comment noting that S3 SDK v2.44.12 is API-compatible
with existing backend code (S3StorageService.kt using S3Client.builder,
ListObjectsRequest, HeadObjectRequest, PutObjectRequest, GetObjectRequest,
DeleteObjectRequest) so no code changes are required.
In `@backend/gradle/wrapper/gradle-wrapper.properties`:
- Around line 5-6: The gradle-wrapper.properties currently sets retries=0 which
disables all download retries and makes builds fragile; update the configuration
to a reasonable retry count (e.g., set retries to 2 or 3) and keep or increase
retryBackOffMs (e.g., 2000) so the Gradle wrapper will retry transient network
failures; modify the properties for keys "retries" and "retryBackOffMs"
accordingly to improve resilience.
In `@frontend/package.json`:
- Line 117: The package.json "packageManager" field currently uses an invalid
descriptor "npm@11.11.0+"; update the packageManager value to a valid Corepack
format by either removing the trailing plus to "npm@11.11.0" or replacing it
with a full hash form "npm@11.11.0+<algo>.<hash>" (e.g., +sha512.<hash>),
ensuring the "packageManager" field contains an exact version or
exact-version+hash as required.
In `@frontend/src/common-components/map/MapMarker.tsx`:
- Line 4: The import list in MapMarker.tsx is not alphabetically ordered causing
the linter failure; reorder the named imports from lucide-react so they are
sorted alphabetically (Car, Crosshair, Home, Info, MapPin, RadioTower, Tent,
User) in the import statement that currently lists Home, Info, Car, Crosshair,
Tent, RadioTower, MapPin, User.
In `@frontend/src/components/ui/chart.tsx`:
- Around line 205-207: The tooltip condition currently uses a truthy check
`item.value &&` which hides legitimate zero values; update the render guard in
the chart tooltip to check for null/undefined instead (e.g., `item.value !=
null` or `item.value !== undefined && item.value !== null`) so that 0 is
rendered; locate the conditional around `item.value` in the component (the span
that formats with `item.value.toLocaleString()`) and replace the truthy check
with a null/undefined check to allow zero to display.
---
Nitpick comments:
In `@frontend/src/components/ui/chart.tsx`:
- Around line 168-170: The React list key uses item.dataKey which can be
undefined; update the component render (the map where item and index are
available) to use a stable fallback such as index when item.dataKey is falsy —
e.g., replace key={item.dataKey} with key={item.dataKey ?? index} or similar
logic inside the map that renders the <div> so the key is always defined; ensure
you reference the same item variable from the map callback and preserve existing
uniqueness intent.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: e93b544b-08d2-4b7a-b937-d0a0cbbc65b1
⛔ Files ignored due to path filters (2)
backend/gradle/wrapper/gradle-wrapper.jaris excluded by!**/*.jarfrontend/package-lock.jsonis excluded by!**/package-lock.json
📒 Files selected for processing (17)
backend/build.gradle.ktsbackend/gradle/wrapper/gradle-wrapper.propertiesbackend/gradlewbackend/gradlew.batfrontend/.npmrcfrontend/package.jsonfrontend/src/common-components/map/MapMarker.tsxfrontend/src/components/ui/chart.tsxfrontend/src/pages/events/eventList.page.tsxfrontend/src/pages/news/components/News.tsxfrontend/src/pages/news/components/NewsListItem.tsxfrontend/src/pages/profile/components/GroupLeaderContactList.tsxfrontend/src/pages/profile/components/ProfileQR.tsxfrontend/src/pages/qr-fight/components/LevelDataDisplay.tsxfrontend/src/pages/riddle/riddleHistory.page.tsxfrontend/src/util/views/socialPage.view.tsfrontend/vite.config.ts
💤 Files with no reviewable changes (2)
- frontend/src/util/views/socialPage.view.ts
- frontend/src/pages/profile/components/GroupLeaderContactList.tsx
| retries=0 | ||
| retryBackOffMs=500 |
There was a problem hiding this comment.
Reconsider disabling network retries entirely.
Setting retries=0 disables all retry attempts when downloading the Gradle distribution. This makes the build fragile and will cause immediate failures on temporary network issues (common in CI/CD environments or on unreliable networks).
The retryBackOffMs=500 setting becomes meaningless with zero retries.
Consider enabling a reasonable retry count to improve build resilience:
🔄 Recommended configuration
-retries=0
-retryBackOffMs=500
+retries=3
+retryBackOffMs=1000📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| retries=0 | |
| retryBackOffMs=500 | |
| retries=3 | |
| retryBackOffMs=1000 |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@backend/gradle/wrapper/gradle-wrapper.properties` around lines 5 - 6, The
gradle-wrapper.properties currently sets retries=0 which disables all download
retries and makes builds fragile; update the configuration to a reasonable retry
count (e.g., set retries to 2 or 3) and keep or increase retryBackOffMs (e.g.,
2000) so the Gradle wrapper will retry transient network failures; modify the
properties for keys "retries" and "retryBackOffMs" accordingly to improve
resilience.
| ] | ||
| }, | ||
| "packageManager": "npm@11.2.0+" | ||
| "packageManager": "npm@11.11.0+" |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
pm=$(jq -r '.packageManager // empty' frontend/package.json)
echo "packageManager=$pm"
# Corepack descriptor: <name>@<x.y.z> with optional +sha... suffix
if echo "$pm" | grep -Eq '^(npm|pnpm|yarn)@[0-9]+\.[0-9]+\.[0-9]+(\+sha[0-9]+\.[a-f0-9]+)?$'; then
echo "Descriptor format looks valid."
else
echo "Invalid Corepack packageManager descriptor format."
exit 1
fiRepository: kir-dev/cmsch
Length of output: 136
🏁 Script executed:
#!/bin/bash
set -euo pipefail
nl -ba frontend/package.json | sed -n '105,130p'Repository: kir-dev/cmsch
Length of output: 100
🌐 Web query:
Corepack packageManager descriptor format "name@version+..." exact syntax sha512 integrity expected format npm@11.11.0+
💡 Result:
The Corepack packageManager descriptor in package.json uses a specific format to define which package manager and version a project should use, optionally including a cryptographic hash for integrity validation [1]. The standard syntax is: name@version[+hash] [1] Where: - name: The package manager name (supported values: npm, yarn, pnpm) [1]. - version: The specific semver version (e.g., 11.11.0) [1]. - +hash (optional): A string containing the hash algorithm and the actual hash value, separated by a period (e.g., +sha512.abcdef...) [1][2]. For your example, a valid descriptor format would be: "npm@11.11.0+sha512.<actual_hash_value>" The hash is not strictly required but is strongly recommended as a security best practice [1][3]. Corepack supports various hash algorithms (e.g., sha224, sha256, sha512) [1][2][4]. If you do not know the hash for a specific version, you can sometimes omit it, or use a tool-assisted workflow like corepack use @ to let Corepack automatically update the field in your package.json with the correct format and hash [1][5][2]. Manual entry is possible but requires providing the correct hash associated with the package manager's released tarball [1][6].
Citations:
- 1: https://github.com/nodejs/corepack
- 2:
corepack usecommand yields misleading error message whenpackage.jsonis partially hand-written nodejs/corepack#731 - 3: Feature request: instructions on how to determine the hash for the
packageManagerfield inpackage.jsonnodejs/corepack#231 - 4: https://github.com/nodejs/corepack/blob/490bf983/sources/npmRegistryUtils.ts
- 5: https://www.reddit.com/r/webdev/comments/1hownic/corepacks_packagemanager_field_is_breaking/
- 6: Corepack should not append hash to version nodejs/corepack#316
🏁 Script executed:
#!/bin/bash
set -euo pipefail
grep -n '"packageManager"' frontend/package.jsonRepository: kir-dev/cmsch
Length of output: 96
Fix Corepack packageManager descriptor in frontend/package.json.
frontend/package.json currently has "packageManager": "npm@11.11.0+", but Corepack expects either npm@<exact-version> or npm@<exact-version>+<hash-algorithm>.<hash> (e.g., +sha512....). The trailing + with no hash is an invalid descriptor and can break contributor installs that rely on this field.
✅ Suggested fix
- "packageManager": "npm@11.11.0+"
+ "packageManager": "npm@11.11.0"📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "packageManager": "npm@11.11.0+" | |
| "packageManager": "npm@11.11.0" |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@frontend/package.json` at line 117, The package.json "packageManager" field
currently uses an invalid descriptor "npm@11.11.0+"; update the packageManager
value to a valid Corepack format by either removing the trailing plus to
"npm@11.11.0" or replacing it with a full hash form "npm@11.11.0+<algo>.<hash>"
(e.g., +sha512.<hash>), ensuring the "packageManager" field contains an exact
version or exact-version+hash as required.
| {item.value && ( | ||
| <span className="font-mono font-medium tabular-nums text-foreground">{item.value.toLocaleString()}</span> | ||
| )} |
There was a problem hiding this comment.
Zero values will not be displayed in tooltips.
The truthy check item.value && evaluates to false when item.value === 0, hiding legitimate zero values from the tooltip.
🐛 Proposed fix
- {item.value && (
+ {item.value != null && (
<span className="font-mono font-medium tabular-nums text-foreground">{item.value.toLocaleString()}</span>
)}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| {item.value && ( | |
| <span className="font-mono font-medium tabular-nums text-foreground">{item.value.toLocaleString()}</span> | |
| )} | |
| {item.value != null && ( | |
| <span className="font-mono font-medium tabular-nums text-foreground">{item.value.toLocaleString()}</span> | |
| )} |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@frontend/src/components/ui/chart.tsx` around lines 205 - 207, The tooltip
condition currently uses a truthy check `item.value &&` which hides legitimate
zero values; update the render guard in the chart tooltip to check for
null/undefined instead (e.g., `item.value != null` or `item.value !== undefined
&& item.value !== null`) so that 0 is rendered; locate the conditional around
`item.value` in the component (the span that formats with
`item.value.toLocaleString()`) and replace the truthy check with a
null/undefined check to allow zero to display.
1 participant
Summary by CodeRabbit
New Features
Dependencies
Style
Chores