Skip to content

Upgrade CI actions and project dependencies#78

Merged
dsanchezcr merged 3 commits into
mainfrom
update-packages
Jul 13, 2026
Merged

Upgrade CI actions and project dependencies#78
dsanchezcr merged 3 commits into
mainfrom
update-packages

Conversation

@dsanchezcr

Copy link
Copy Markdown
Member

Bumps actions/checkout from v6 to v7 across CI, CodeQL, and dependency review workflows, and updates the devcontainer Docker-in-Docker feature to v4. Also refreshes frontend and API dependency versions (notably Radix UI, Tailwind, Playwright, ESLint/TypeScript tooling, Azure Functions packages, and Node types) to keep the stack current and aligned with newer toolchain releases.

Purpose

  • ...

Does this introduce a breaking change?

[ ] Yes
[ ] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code

What to Check

Verify that the following are valid

  • ...

Other Information

Bumps `actions/checkout` from v6 to v7 across CI, CodeQL, and dependency review workflows, and updates the devcontainer Docker-in-Docker feature to v4. Also refreshes frontend and API dependency versions (notably Radix UI, Tailwind, Playwright, ESLint/TypeScript tooling, Azure Functions packages, and Node types) to keep the stack current and aligned with newer toolchain releases.
@dsanchezcr dsanchezcr requested a review from Copilot July 12, 2026 23:15
@dsanchezcr dsanchezcr self-assigned this Jul 12, 2026
@dsanchezcr dsanchezcr added the enhancement New feature or request label Jul 12, 2026
@github-actions

github-actions Bot commented Jul 12, 2026

Copy link
Copy Markdown

Dependency Review

The following issues were found:

  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.

View full job summary

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates CI/devcontainer tooling and refreshes frontend/API npm dependencies to keep the project aligned with newer ecosystem releases (GitHub Actions, Dev Containers features, and JS/TS packages).

Changes:

  • Bumped actions/checkout to v7 across CI, CodeQL, and dependency-review workflows.
  • Updated devcontainer Docker-in-Docker feature to :4.
  • Refreshed frontend and API dependency versions (Radix UI, Tailwind toolchain, Playwright, ESLint/TypeScript tooling, Azure Functions packages, Node types) and updated lockfiles accordingly.
Show a summary per file
File Description
package.json Updates frontend/runtime tooling deps (Radix UI, Tailwind, Playwright, ESLint/TS) including @types/node.
package-lock.json Lockfile updates reflecting the dependency refresh (includes new resolved/integrity entries).
api/package.json Updates API deps (@azure/functions) and dev tooling (@types/node, core tools).
api/package-lock.json Lockfile updates for the API dependency refresh (includes new resolved/integrity entries).
.github/workflows/dependency-review.yml Bumps checkout action to v7.
.github/workflows/codeql.yml Bumps checkout action to v7.
.github/workflows/ci-cd.yml Bumps checkout action to v7 across multiple jobs.
.devcontainer/devcontainer.json Updates Docker-in-Docker devcontainer feature to major :4.

Review details

Files not reviewed (1)
  • api/package-lock.json: Generated file
  • Files reviewed: 6/8 changed files
  • Comments generated: 3
  • Review effort level: Low

Comment thread api/package-lock.json
Comment on lines 237 to 241
"node_modules/@azure/functions": {
"version": "4.16.0",
"resolved": "https://registry.npmjs.org/@azure/functions/-/functions-4.16.0.tgz",
"integrity": "sha512-cwLld7tRi1VLYNdm1evgS9n8ABP/e+0uLjRO++OjM/kigERG80OfFRRMbag/vpXUzCtda83lDiuCvcwPlxgwZw==",
"version": "4.16.1",
"resolved": "https://ms-feed-2.pkgs.visualstudio.com/1es-public/_packaging/npm-public/npm/registry/@azure/functions/-/functions-4.16.1.tgz",
"integrity": "sha1-wy8A+f2oWzRYlbAQB2oDjWmcDPM=",
"license": "MIT",
Comment thread package.json Outdated
Comment thread api/package.json
Comment on lines 22 to +24
"@types/jest": "^30.0.0",
"@types/node": "^25.9.2",
"azure-functions-core-tools": "^4.12.0",
"@types/node": "^26.1.0",
"azure-functions-core-tools": "^4.12.1",
@github-actions

Copy link
Copy Markdown

Azure Static Web Apps: Your stage site is ready! Visit it here: https://black-cliff-03b41b10f-78.eastus2.7.azurestaticapps.net

dsanchezcr and others added 2 commits July 13, 2026 09:42
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Updates key app and DX packages in package.json, including Application Insights, framer-motion, lucide-react, recharts, Playwright, ESLint, TypeScript-ESLint, globals, and Vite, while aligning Node type definitions to v26 and refreshing lockfiles accordingly.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review details

Files not reviewed (1)
  • api/package-lock.json: Generated file
  • Files reviewed: 6/8 changed files
  • Comments generated: 2
  • Review effort level: Low

Comment thread package.json
Comment on lines +74 to 77
"@playwright/test": "^1.61.1",
"@tailwindcss/postcss": "^4.3.2",
"@types/node": "^26.1.0",
"@types/react": "^19.0.10",
Comment thread api/package-lock.json
Comment on lines 237 to 241
"node_modules/@azure/functions": {
"version": "4.16.0",
"resolved": "https://registry.npmjs.org/@azure/functions/-/functions-4.16.0.tgz",
"integrity": "sha512-cwLld7tRi1VLYNdm1evgS9n8ABP/e+0uLjRO++OjM/kigERG80OfFRRMbag/vpXUzCtda83lDiuCvcwPlxgwZw==",
"version": "4.16.1",
"resolved": "https://ms-feed-2.pkgs.visualstudio.com/1es-public/_packaging/npm-public/npm/registry/@azure/functions/-/functions-4.16.1.tgz",
"integrity": "sha1-wy8A+f2oWzRYlbAQB2oDjWmcDPM=",
"license": "MIT",
@github-actions

Copy link
Copy Markdown

Azure Static Web Apps: Your stage site is ready! Visit it here: https://black-cliff-03b41b10f-78.eastus2.7.azurestaticapps.net

@dsanchezcr dsanchezcr merged commit eaffa92 into main Jul 13, 2026
19 checks passed
@github-actions

Copy link
Copy Markdown

🧹 Preview Environment Cleaned Up

Resource group ZavaGiftExchange-pr-78 is being deleted.

All Azure resources for this PR have been removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants