Skip to content

chore(deps): update all dependencies #318

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
+38 −38
Open

chore(deps): update all dependencies #318

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 26 additions & 26 deletions bun.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions packages/api/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,10 @@
"devDependencies": {
"@effect/vitest": "^0.29.0",
"@eslint/js": "10.0.1",
"@types/node": "^25.8.0",
"@types/node": "^25.9.0",
"@types/ws": "^8.18.1",
"@typescript-eslint/eslint-plugin": "^8.59.3",
"@typescript-eslint/parser": "^8.59.3",
"@typescript-eslint/eslint-plugin": "^8.59.4",
"@typescript-eslint/parser": "^8.59.4",
Comment on lines +42 to +45
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

Does @types/node version 25.9.0 exist on npm and are there any known security issues?

💡 Result:

The npm package @types/node does not have a version 25.9.0 [1][2]. While Node.js itself has a version 25.9.0 [3][4], the @types/node package follows a different versioning scheme where the major and minor versions align with Node.js, but the patch version is managed independently by the DefinitelyTyped project [5]. As of May 18, 2026, the latest available version of @types/node is 25.7.0 [2]. Regarding security, there are no direct vulnerabilities reported for the @types/node package in the Snyk vulnerability database [2]. It is important to note that @types/node is a development dependency containing only TypeScript type definitions and does not contain executable code, which significantly reduces its security risk profile. Users should be aware of a separate, malicious package named types-node (note the missing @ symbol), which has been identified as malicious and should be avoided [6]. Additionally, while there have been recent, unrelated supply chain attacks targeting other popular Node.js packages like node-ipc [7][8][9], these do not affect @types/node.

Citations:

🌐 Web query:

Does @typescript-eslint/eslint-plugin version 8.59.4 exist on npm and are there any known security issues?

💡 Result:

As of May 18, 2026, version 8.59.4 of @typescript-eslint/eslint-plugin does not exist on npm [1][2]. The latest stable releases for the 8.x branch have reached 8.59.3 [1]. There are no known direct security vulnerabilities associated with the current versions of @typescript-eslint/eslint-plugin [3]. While security tools like Snyk and other vulnerability databases monitor the package, it is consistently reported as having no known direct security issues [3][4]. Users are generally advised to keep the package updated to the latest stable version to ensure they have the most recent security patches for any transitive dependencies [5]. If you encounter security warnings in your project, they often stem from transitive dependencies (such as minimatch) rather than the plugin itself, and these are typically resolved by updating to the latest version of @typescript-eslint/eslint-plugin [5].

Citations:

🏁 Script executed:

#!/bin/bash
# Verify that typecheck passes with updated dependencies
cd packages/api
bun run typecheck

Repository: ProverCoderAI/docker-git

Length of output: 112

Указанные версии пакетов не существуют на npm.

Версия @types/node@25.9.0 не опубликована на npm. На май 2026 г. последняя доступная версия — 25.7.0. Версия @typescript-eslint/eslint-plugin@8.59.4 также не существует; в ветке 8.x последняя стабильная версия — 8.59.3.

Обновите package.json, используя существующие версии:

  • @types/node@^25.7.0 (или актуальнейшую доступную)
  • @typescript-eslint/eslint-plugin@^8.59.3 (или актуальнейшую доступную)
  • @typescript-eslint/parser@^8.59.3 (синхронизируйте версию с eslint-plugin)

После исправления разрешений версий выполните bun run typecheck и bun run check для проверки совместимости обновленных зависимостей с кодовой базой.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/api/package.json` around lines 42 - 45, Update the invalid
dependency versions in package.json: change "`@types/node`" to a published version
(e.g., ^25.7.0) and align the TypeScript ESLint packages so both
"`@typescript-eslint/eslint-plugin`" and "`@typescript-eslint/parser`" use the same
existing release (e.g., ^8.59.3); save the package.json, install, then run the
project checks with `bun run typecheck` and `bun run check` to validate
compatibility of the updated versions (focus edits around the dependency entries
for "`@types/node`", "`@typescript-eslint/eslint-plugin`", and
"`@typescript-eslint/parser`").

"eslint": "^10.4.0",
"fast-check": "4.8.0",
"globals": "^17.6.0",
Expand Down
8 changes: 4 additions & 4 deletions packages/app/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,12 +96,12 @@
"@eslint/js": "10.0.1",
"@prover-coder-ai/eslint-plugin-suggest-members": "^0.0.26",
"@ton-ai-core/vibecode-linter": "^1.0.11",
"@types/node": "^25.8.0",
"@types/node": "^25.9.0",
"@types/react": "^19.2.14",
"@types/react-dom": "^19.2.3",
"@types/ws": "^8.18.1",
"@typescript-eslint/eslint-plugin": "^8.59.3",
"@typescript-eslint/parser": "^8.59.3",
"@typescript-eslint/eslint-plugin": "^8.59.4",
"@typescript-eslint/parser": "^8.59.4",
"@vitejs/plugin-react": "^6.0.2",
"@vitest/coverage-v8": "^4.1.6",
"@vitest/eslint-plugin": "^1.6.17",
Expand All @@ -118,7 +118,7 @@
"globals": "^17.6.0",
"jscpd": "^4.2.3",
"typescript": "^6.0.3",
"typescript-eslint": "^8.59.3",
"typescript-eslint": "^8.59.4",
"vite": "^8.0.13",
"vitest": "^4.1.6",
"ws": "^8.20.1"
Expand Down
2 changes: 1 addition & 1 deletion packages/docker-git-session-sync/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"packageManager": "bun@1.3.11",
"devDependencies": {
"@effect/vitest": "^0.29.0",
"@types/node": "^25.8.0",
"@types/node": "^25.9.0",
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify typecheck passes with updated `@types/node`
cd packages/docker-git-session-sync
bun run typecheck

Repository: ProverCoderAI/docker-git

Length of output: 112

🏁 Script executed:

#!/bin/bash
# Check Node.js version target and existing dependencies
cd packages/docker-git-session-sync
echo "=== package.json content ===" 
cat package.json | head -50

echo -e "\n=== Root package.json for Node version info ===" 
cat ../../package.json | grep -A 5 -B 5 "engines\|node"

echo -e "\n=== Check for tsconfig.json ===" 
find . -name "tsconfig.json" -o -name "tsconfig*.json" | xargs cat 2>/dev/null || echo "No tsconfig found in this package"

Repository: ProverCoderAI/docker-git

Length of output: 3023

🏁 Script executed:

#!/bin/bash
# Search for `@types/node` and TypeScript version info in repository
echo "=== Looking for TypeScript version ===" 
rg "`@types/node`|typescript" package.json --max-count=5 -A 1 | head -30

echo -e "\n=== Check root package.json ===" 
cat package.json | grep -E "typescript|`@types/node`" -A 1 -B 1

echo -e "\n=== Node.js engine requirements ===" 
cat package.json | grep -E "engines|\"node\""

Repository: ProverCoderAI/docker-git

Length of output: 177

🏁 Script executed:

#!/bin/bash
# Check root tsconfig.base.json and Node.js version requirement
echo "=== Root tsconfig.base.json ===" 
cat tsconfig.base.json | head -30

echo -e "\n=== Root package.json - engines/node requirement ===" 
cat package.json | grep -A 10 "\"engines\""

Repository: ProverCoderAI/docker-git

Length of output: 939

🌐 Web query:

@types/node 25.9.0 TypeScript 6.0 compatibility Node.js version

💡 Result:

The @types/node package version 25.9.0 is designed to provide TypeScript type definitions for Node.js version 25.9.0 [1]. Regarding compatibility and versioning: 1. Node.js Version: The major and minor versions of @types/node generally correspond directly to the Node.js version they support [2]. Therefore, @types/node 25.9.0 is intended for use with Node.js 25.9.0 [1]. 2. TypeScript Compatibility: There is no strict, hard-coded dependency between specific versions of @types/node and TypeScript versions [3]. Instead, @types/node is compatible with any TypeScript version that supports the syntax used in its declaration files [3]. As of May 2026, TypeScript 6.0 is the current stable release [4][5], and @types/node 25.9.0 is fully compatible with it. While older versions of @types/node have occasionally dropped support for very old TypeScript versions (e.g., versions older than 3.7) [3], modern releases like 25.9.0 are designed to work with contemporary TypeScript environments, including TypeScript 6.0 [4]. In summary, you can safely use @types/node 25.9.0 with Node.js 25.9.0 and TypeScript 6.0 [1][4][2].

Citations:

🏁 Script executed:

#!/bin/bash
# Check for Node.js version specifications
echo "=== Looking for .nvmrc or .node-version ===" 
find . -name ".nvmrc" -o -name ".node-version" | xargs cat 2>/dev/null || echo "Not found"

echo -e "\n=== Check CI/CD workflows ===" 
find . -path "*/.*github/workflows" -o -path "*/.gitlab-ci.yml" | head -10

echo -e "\n=== Look for Dockerfile Node base image ===" 
find . -name "Dockerfile*" | xargs grep -i "FROM.*node" 2>/dev/null | head -5

echo -e "\n=== Check package.json packageManager and Node version ===" 
cat package.json | grep -E "packageManager|engines|node" || echo "No explicit engine requirement"

echo -e "\n=== Check if there are other `@types/node` versions in workspace ===" 
find packages -name "package.json" | xargs grep "`@types/node`" | head -20

Repository: ProverCoderAI/docker-git

Length of output: 794

🏁 Script executed:

#!/bin/bash
# Search for actual Node.js usage and version clues
echo "=== Check for minimum Node.js version in code comments ===" 
rg "node.*20|node.*22|node.*24|Node.js.*2[0-9]" --max-count=10

echo -e "\n=== Check if this is a type definitions only package ===" 
cat packages/docker-git-session-sync/package.json | grep -E "\"main\"|\"types\"|\"exports\"" -A 1

Repository: ProverCoderAI/docker-git

Length of output: 4078

Версия @types/node 25.9.0 несовместима с целевыми версиями Node.js проекта.

Проект использует target: "node20" в vite конфигах и Docker образы с Node.js 24, но @types/node: ^25.9.0 соответствует Node.js 25.x (будущая версия). Версионирование @types/node напрямую следует за версиями Node.js: @types/node 20.x для Node.js 20, @types/node 24.x для Node.js 24.x и т.д.

Используйте:

  • @types/node: ^24.x если проект ориентирован на Node.js 24
  • @types/node: ^20.x если проект ориентирован на Node.js 20

Текущая версия вызовет несоответствия типов и проблемы при типизации.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/docker-git-session-sync/package.json` at line 41, The dependency
"`@types/node`": "^25.9.0" is incompatible with the project's Node targets (vite
target "node20" and Docker Node 24); update the package.json entry for
"`@types/node`" to a matching major for your runtime (use "^24.x" if the Docker
images run Node 24, or "^20.x" if you intend Node 20), then reinstall/update
lockfile (npm/yarn/pnpm) and ensure the vite config target and Docker base
images remain consistent with the chosen `@types/node` version.

"@vitejs/plugin-react": "^6.0.2",
"typescript": "^6.0.3",
"vite": "^8.0.13",
Expand Down
8 changes: 4 additions & 4 deletions packages/lib/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,10 +61,10 @@
"@eslint/js": "10.0.1",
"@prover-coder-ai/eslint-plugin-suggest-members": "^0.0.26",
"@ton-ai-core/vibecode-linter": "^1.0.11",
"@types/node": "^25.8.0",
"@typescript-eslint/eslint-plugin": "^8.59.3",
"@typescript-eslint/parser": "^8.59.3",
"typescript-eslint": "^8.59.3",
"@types/node": "^25.9.0",
"@typescript-eslint/eslint-plugin": "^8.59.4",
"@typescript-eslint/parser": "^8.59.4",
"typescript-eslint": "^8.59.4",
"@vitest/coverage-v8": "^4.1.6",
"eslint": "^10.4.0",
"eslint-import-resolver-typescript": "^4.4.4",
Expand Down
Loading