-
Notifications
You must be signed in to change notification settings - Fork 10
chore(deps)(deps-dev): bump the dev-tooling group across 1 directory with 7 updates #1358
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -17,10 +17,10 @@ | |
| "devDependencies": { | ||
| "@types/react": "^19.0.0", | ||
| "@types/react-dom": "^19.0.0", | ||
| "@vitejs/plugin-react": "^4.4.0", | ||
| "@vitejs/plugin-react": "^6.0.3", | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the workspace toolchain versions instead of adding more divergent specifiers What's wrong Example Suggested direction Confidence note For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the shared toolchain versions instead of adding more per-package literals What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Upgrade the frontend toolchain as a coherent unit What's wrong Example Suggested direction Confidence note For Agents |
||
| "@vitest/coverage-v8": "^4.0.18", | ||
| "typescript": "^5.7.0", | ||
| "vite": "^6.1.0", | ||
| "vite": "^8.1.4", | ||
| "vitest": "^4.0.18" | ||
| } | ||
| } | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -50,7 +50,7 @@ | |
| "@types/react": "^19", | ||
| "@types/react-dom": "^19", | ||
| "@types/three": "^0.183.1", | ||
| "@vitejs/plugin-react": "^4", | ||
| "@vitejs/plugin-react": "^6", | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the toolchain version bumps instead of adding more per-package drift What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Vite 8 raises the required Node version beyond the repo's Node 22 contract What's wrong Example Suggested direction Confidence note For Agents Centralize the shared toolchain version policy instead of scattering new ranges What's wrong Example Suggested direction For Agents Vite 8 production bundle path is not validated What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🔴 Bug: Vite 8 narrows the supported Node 22 range below the documented contract What's wrong Example Suggested direction Confidence note For Agents Centralize the Vite toolchain version instead of scattering mixed ranges What's wrong Example Suggested direction Confidence note For Agents Node UI production Vite build is not validated in PR CI What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the shared toolchain version policy instead of encoding divergent ranges What's wrong Example Suggested direction For Agents The Vite 8 production UI build path is not covered by the existing validation What's wrong Example Suggested direction For Agents |
||
| "@vitest/coverage-v8": "^4.0.18", | ||
| "cross-env": "^10.1.0", | ||
| "happy-dom": "20.8.9", | ||
|
|
@@ -60,7 +60,7 @@ | |
| "recharts": "^2", | ||
| "three": "^0.184.0", | ||
| "typescript": "^5.7", | ||
| "vite": "^6", | ||
| "vite": "^8", | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: The Vite 8 upgrade is not validated against the Node UI production bundle What's wrong Example Suggested direction Confidence note For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: The Vite 8 upgrade is not validated on the production node-ui bundle path What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Vite 8 production UI bundle is not verified on PRs What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the frontend toolchain versions Why it matters Suggestion The Vite 8 bump is not validated against the node-ui production build in PR CI What's wrong Example Suggested direction Confidence note For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize the frontend toolchain version policy Why it matters Suggestion The node-ui Vite 8 production build is not covered by PR validation What's wrong Example Suggested direction Confidence note For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Node UI’s Vite 8 production build is not verified What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Node UI production Vite build is not validated after the major upgrade What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Vite 8 upgrade lacks a production bundle check What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Vite 8 production UI build is not validated What's wrong Example Suggested direction For Agents There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🟡 Issue: Centralize shared toolchain versions instead of adding per-package range drift What's wrong Example Suggested direction For Agents Vite 8 upgrade is not verified for the production UI bundle What's wrong Example Suggested direction For Agents |
||
| "vitest": "^4.0.18" | ||
| }, | ||
| "publishConfig": { | ||
|
|
||
Large diffs are not rendered by default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node types aligned with the repo runtime
What's wrong
The dependency update moves the ambient Node type surface to 26 while the repository still declares Node 22 as the version used by CI and release workflows. That makes the type system less trustworthy because it no longer models the runtime boundary maintainers actually operate against.
Example
A developer can now write code against Node 26-only globals or API shapes and get a clean typecheck, while CI and release workflows still run under Node 22 from
.nvmrc. The type boundary no longer documents the runtime the repo actually supports.Suggested direction
Treat the Node version as a single compatibility boundary. If the project still runs on Node 22, keep
@types/nodeon the Node 22 line. If the goal is to move to Node 26, make that explicit by updating.nvmrcand the workflow/runtime policy in the same change.For Agents
Look at
package.json,packages/evm-module/package.json, and.nvmrc. Keep the runtime support unchanged unless the PR intentionally upgrades it. Either keep@types/nodealigned to Node 22, or update the repo runtime policy in.nvmrc/CI together and verify typecheck/build under that runtime.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node type declarations aligned with the repo runtime boundary
What's wrong
This makes the type boundary looser than the runtime boundary. Type declarations are part of the maintainability contract for a TypeScript repo; letting them drift ahead of the Node version the workspace actually runs on encourages accidental use of APIs the project has not declared support for.
Example
A future use of a Node API added after Node 22 would type-check against
@types/node@26, but the repo's documented/CI Node line remains 22, so the real runtime boundary is no longer visible from the types.Suggested direction
Make the Node boundary explicit and single-sourced: either revert the Node typings to the Node 22 line used by
.nvmrc, or deliberately move the repo's Node version contract to 26 together with these type bumps.For Agents
Look at root
package.json,packages/evm-module/package.json, and.nvmrc. Preserve the intended runtime support, then either keep@types/nodeon the Node 22 type line or update.nvmrc/CI/runtime metadata to Node 26 in the same PR. A type-check/build should prove the chosen boundary is consistent.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Make the Node runtime/type baseline explicit before widening the typings
What's wrong
Bumping root typings to Node 26 widens the compile-time API surface without showing the corresponding runtime contract. That weakens the type boundary: TypeScript becomes a less reliable signal for what APIs the workspace is actually allowed to use, and the same decision is repeated locally in
packages/evm-module.Example
A developer can now add code that type-checks only because Node 26 typings are available, while a package or script may still be expected to run on Node 20/22. The problem is the unclear boundary: readers cannot tell whether Node 26 APIs are allowed or whether this is only a dev dependency refresh.
Suggested direction
Declare the supported Node baseline centrally, then align
@types/nodeto that policy. If the project now intentionally requires Node 26 APIs, make that visible withenginesand consistent package metadata; otherwise keep typings on the supported runtime major.Confidence note
This is a maintainability/type-boundary concern, not a claim that current code already uses a Node 26-only API. The repo context shown here does not expose a central runtime engine declaration that would make the new type baseline explicit.
For Agents
Inspect the root package policy and
packages/evm-module/package.json. Preserve the intended type upgrade, but declare the supported Node runtime baseline in one canonical place and align@types/nodeto that baseline through the same dependency-management mechanism used for shared tooling. Add a typecheck/install verification step after regenerating the lockfile.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node typings aligned with the repo's runtime policy
What's wrong
The PR upgrades the type surface to Node 26 while the repository still advertises and runs against Node 22. That weakens the platform contract: types stop being a reliable description of the runtime, and future code can silently depend on APIs the canonical runtime does not provide.
Example
A future change can import or call a Node 26-only API and still typecheck locally, while the repo's canonical runtime/build lane remains Node 22. That makes the TypeScript boundary describe a different platform than the one contributors and CI are actually using.
Suggested direction
Treat this as a boundary cleanup, not just a package bump. Either keep
@types/nodeon the Node 22 line, or make Node 26 the explicit repo runtime by updating.nvmrc, CI, release tooling, and packageenginesin the same change.For Agents
Look at root package.json, packages/evm-module/package.json, .nvmrc, and workflows that read .nvmrc. Preserve the intended runtime, but make the Node version contract single-source: either keep typings on Node 22, or intentionally move the runtime policy to Node 26 by updating .nvmrc/CI/package engines together. Add a small compile check that proves the selected @types/node version matches the supported Node runtime.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node ambient types aligned with the repo runtime contract
What's wrong
The PR upgrades the ambient Node types to 26 while the repository still signals Node 22 as the workspace runtime. That makes the type system less useful as a boundary: it can now bless APIs that are not guaranteed by the runtime this repo tells contributors to use.
Example
A future change can compile after using a Node 26-only global/API because
@types/node@26exposes it, even though the workspace still advertises Node 22 via.nvmrc. The type boundary no longer models the supported runtime.Suggested direction
Treat
@types/nodeas part of the runtime contract, not just a floating dev dependency. If the repo still supports or pins Node 22, keep the Node 22 types; if Node 26 is intended, make that explicit in.nvmrc/engines/CI and update all related comments/docs together.For Agents
Check the root runtime policy (
.nvmrc, CI images, docs) before changing Node ambient types. Either bump the runtime contract everywhere to Node 26, or keep@types/nodeon the supported Node major. Verify with a typecheck on the intended Node lane.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Make the Node runtime boundary explicit before widening Node types
What's wrong
The diff widens the workspace’s Node type contract without also declaring the runtime contract that those types are meant to represent. That creates a blurry boundary where code can start depending on newer Node APIs because the types allow them, while the repo gives maintainers no manifest-level answer for what Node versions are actually supported.
Example
After this change, TypeScript can accept Node 26 APIs in shared scripts or package code even though the workspace does not state that developers, CI, or published consumers must run that runtime family.
Suggested direction
Add an explicit root
engines.nodecontract, and mirror it where published packages need their own runtime boundary, or avoid moving to Node 26 types until the runtime support policy is deliberately raised.Confidence note
This is a maintainability boundary concern rather than a claim that the current install fails; it depends on the project’s intended supported Node versions.
For Agents
Inspect the root package metadata and package-level publish/runtime expectations. Either add an explicit
engines.nodepolicy that matches the upgraded toolchain/runtime contract, or keep@types/nodealigned to the actual supported runtime. Verify package builds still use the intended Node type boundary.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node type declarations aligned with the repo runtime
What's wrong
The PR upgrades the type surface to Node 26 while the repo still declares Node 22 as the development/runtime baseline. That makes the TypeScript boundary misleading: reviewers and contributors can no longer tell from the canonical config which Node APIs are actually safe to use. The same pattern recurs in packages/evm-module/package.json line 47.
Example
A contributor on the documented Node 22 runtime can now write code that type-checks against Node 26-only globals or API shapes because the workspace type surface no longer matches the runtime baseline.
Suggested direction
Treat the Node version as one workspace-level contract. Either leave @types/node on 22 here and in evm-module, or move the whole repo runtime policy to the version whose types are being adopted.
For Agents
Keep the runtime and type boundary aligned. Check .nvmrc, README prerequisites, CI setup-node usage, root package.json, and packages/evm-module/package.json. Either keep @types/node on the Node 22 line or update the repo's runtime policy/docs/CI together. A typecheck on the documented runtime should prove the boundary is coherent.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Node 26 typings no longer match the Node 22 runtime contract
What's wrong
The repository still advertises and runs against Node 22, but the type surface now represents Node 26. That weakens the type checker as a runtime compatibility gate: code can compile against APIs or signatures that are not available in the supported runtime.
Example
A future change could use an API that exists in
@types/node@26but is absent from the repository's Node 22 runtime. TypeScript would accept it, CI would still install Node 22 from.nvmrc, and the released CLI/node code could fail at runtime when that path executes.Suggested direction
Keep
@types/nodeon the same major version as the supported Node runtime, or explicitly raise the repository runtime version everywhere that consumes.nvmrc.Confidence note
The diff does not add code that already calls a Node 26-only API, so this is an integration contract risk rather than an observed runtime failure.
For Agents
Align Node typings with the actual supported runtime. Check root
package.json,packages/evm-module/package.json,.nvmrc, and CI setup-node usage. Either keep@types/nodeon the Node 22 line or update the runtime contract and CI to Node 26. Add a small compile/runtime guard if a Node-version-specific API is intentionally introduced.Make the Node runtime boundary explicit with the Node type bump
What's wrong
The PR moves the ambient Node type surface to Node 26 without declaring the corresponding runtime floor. That makes the type boundary looser than the runtime contract and leaves future contributors guessing which Node APIs are safe to use. This is a maintainability problem because the repository policy lives in incidental dependency choices rather than in package metadata.
Example
After this bump, a new helper can type-check against Node 26-only APIs because the ambient Node types expose them. Nothing in the package metadata tells maintainers or consumers whether running under Node 20 or Node 22 is still supported.
Suggested direction
Couple the @types/node major bump with an explicit Node support policy, preferably in
engines.nodefor the root and any published workspaces. If the repo still supports an older Node major, keep the Node typings on that minimum supported major instead of widening the ambient API surface to 26.Confidence note
If the project intentionally now requires Node 26 or a newer Node floor, the same concern still applies: that policy should be declared in package metadata rather than only implied by typings and tool dependencies.
For Agents
Inspect CI/runtime requirements and published package support policy. Either add explicit
engines.nodeentries at the root and publishable packages that match the intended Node floor, or keep @types/node aligned to the minimum supported runtime major. Preserve existing build/test behavior and verify package metadata checks still pass.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🟡 Issue: Keep Node type definitions aligned with the workspace runtime boundary
What's wrong
@types/nodeis part of the TypeScript boundary for scripts and packages. Moving it to Node 26 while the workspace still advertises Node 22 makes the supported runtime implicit and easier to violate accidentally.Example
A later script can start using a Node 26-only API and still typecheck because the workspace types expose it, even though contributors and CI are guided to Node 22 by
.nvmrc.Suggested direction
Either keep
@types/nodeon the Node major the repo actually runs, or make the Node runtime upgrade explicit in the same PR. The maintainable shape is one clear Node baseline, not type definitions that silently move ahead of the runtime contract.Confidence note
This assumes the repository still intends
.nvmrcvalue22to describe the supported local/CI runtime; I did not see anenginesfield overriding that in the changed manifests.For Agents
Check the intended Node runtime baseline. If it remains Node 22, keep
@types/nodeon the matching major across root and package manifests. If the PR intentionally raises the runtime floor, update.nvmrcand any packageenginespolicy in the same change so the type boundary and runtime boundary stay aligned.