chore: update dependencies and improve CI workflow#500
Conversation
- 📦 vue: v3.5.24 → v3.5.25 - 📦 vite: v7.2.2 → v7.2.4 - 📦 @vitejs/plugin-vue: v6.0.1 → v6.0.2 - 📦 @vitejs/plugin-vue-jsx: v5.1.1 → v5.1.2 - 📦 @vue/babel-plugin-jsx: v1.5.0 → v2.0.1 - 📦 @vue/devtools-core: v8.0.3 → v8.0.5 - 📦 @vue/devtools-kit: v8.0.3 → v8.0.5 - �� @dxup/nuxt: v0.2.1 → v0.2.2 - 📦 @iconify/collections: v1.0.617 → v1.0.621 - 📦 @emnapi/core: v1.7.0 → v1.7.1 - 📦 baseline-browser-mapping: v2.8.27 → v2.8.31 - 📦 caniuse-lite: v1.0.30001754 → v1.0.30001757 - 📦 csstype: v3.1.3 → v3.2.3 - 📦 default-browser: v5.3.0 → v5.4.0 - 📦 default-browser-id: v5.0.0 → v5.0.1 - 📦 electron-to-chromium: v1.5.250 → v1.5.259 - 📦 mdast-util-to-hast: v13.2.0 → v13.2.1 - 📦 seroval: v1.3.2 → v1.4.0 - 📦 unplugin-vue-router: v0.16.1 → v0.16.2 - 📦 vite-node: v5.0.0 → v5.2.0 - 🔥 Removed duplicate knitwork v1.2.0 - 🔥 Removed duplicate unplugin v2.3.10 - 🔥 Removed duplicate unstorage v1.17.2 - 🔥 Removed duplicate youch v4.1.0-beta.12 - 🔥 Removed outdated @rolldown/pluginutils v1.0.0-beta.29 - ♻️ Consolidated database migration workflows - ✅ Added database seeding step for staging environment - 🔧 Updated workflow to use reusable pnpm setup action
Summary of ChangesHello @Perdolique, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request focuses on maintaining the project's health and efficiency by updating various dependencies to their latest stable versions and enhancing the continuous integration pipeline. These changes ensure better performance, improved compatibility with modern web standards, and a more robust and streamlined development workflow. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
🎉 Deployed to Cloudflare!
|
There was a problem hiding this comment.
Pull request overview
This PR updates various dependencies across the Vue and Vite ecosystems, modernizes browser compatibility data, removes duplicate package versions, and consolidates database migration workflows into a single unified workflow with dynamic environment selection.
- Dependencies: Updated Vue to 3.5.25, Vite to 7.2.4, devtools packages to 8.0.5, icon collections to 1.0.621, and various browser mapping packages
- Cleanup: Removed duplicate versions of knitwork, unplugin, unstorage, youch, and outdated @rolldown/pluginutils
- CI Workflow: Merged staging and production migration workflows into one with conditional environment selection and database seeding for PRs
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| package.json | Updated Vue to 3.5.25 and pnpm to 10.23.0 |
| pnpm-lock.yaml | Comprehensive dependency updates including Vue ecosystem, Vite, devtools, icons, and browser mappings; removed duplicate package versions |
| .github/workflows/database-migration.yml | Consolidated workflow with dynamic environment selection (staging for PRs, production for master) and conditional database seeding |
| .github/workflows/database-migration-production.yml | Removed in favor of consolidated workflow |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (2)
.github/workflows/database-migration.yml:23
- The
actions/checkout@v6does not exist. The latest major version of the checkout action is v4. Please update this to useactions/checkout@v4instead.
.github/workflows/database-migration.yml:15 - The trigger configuration has been updated to include both
pull_requestandpushevents, but thepathsfilter that was previously present has been removed. This means the workflow will now run for all changes on PRs and pushes to master, not just when database migration files or this workflow file are modified. This could lead to unnecessary workflow runs. Consider re-adding thepathsfilter:
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
paths:
- 'server/database/migrations/**'
- '.github/workflows/database-migration.yml'
push:
branches:
- master
paths:
- 'server/database/migrations/**'
- '.github/workflows/database-migration.yml'💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates numerous dependencies and cleans up the dependency tree by removing several duplicate packages. The changes are well-described and contribute to keeping the project up-to-date. My review includes a suggestion to further consolidate dependencies using pnpm overrides, which will improve consistency and reduce the bundle size. Overall, this is a good maintenance PR.
| @@ -53,5 +53,5 @@ | |||
| "wrangler": "4.50.0", | |||
| "ws": "8.18.3" | |||
| }, | |||
There was a problem hiding this comment.
While this PR does a great job of cleaning up some duplicate dependencies, there's an opportunity to consolidate even more. The lockfile shows that multiple versions of @rolldown/pluginutils (v1.0.0-beta.50 and v1.0.0-beta.51) and youch (v4.1.0-beta.10 and v4.1.0-beta.13) are still present.
To ensure consistency and a smaller dependency tree, you can use pnpm's overrides feature to force a single version for these packages. This will make all dependencies use the latest versions available in this PR.
Since some of these are beta versions, please ensure this override doesn't introduce any breaking changes by running tests after applying.
},
"pnpm": {
"overrides": {
"@rolldown/pluginutils": "1.0.0-beta.51",
"youch": "4.1.0-beta.13"
}
},
What's Up, Homies? 😎👍
This PR packs some fresh updates to our dependencies and streamlines our CI workflow setup 💨
Package Upgrades 📦
Major updates rolling through:
Plus a bunch of minor updates across the board keeping everything tight and compatible 💪
Cleanup Work 🔥
Removed some duplicate and outdated packages:
CI Workflow Improvements ♻️
Merged the separate database migration workflows into one universal workflow that:
Testing
All packages updated successfully, no breaking changes detected. CI workflows validated and ready to roll 🚀