Update dependencies

[devksingh4]

Fixes compatibility with Pino v10 as well as unify logger type

Summary by CodeRabbit

• Chores

  • Updated dependencies across the project, including AWS SDK packages (v3.914.0), React ecosystem libraries, Mantine UI components, authentication libraries, and utility packages.
  • Standardized internal logging type handling for improved code consistency.

• Bug Fixes

  • Enhanced logging for Apple Wallet card issuance process.

[coderabbitai]

Walkthrough

This PR updates project dependencies across root and workspace package.json files and refactors logger type definitions from union types (pino.Logger | FastifyBaseLogger) to a centralized ValidLoggers type across multiple API function signatures.

Changes

Cohort / File(s)	Summary
Dependency version bumps in root and UI package.json, src/ui/package.json	Minor and patch version updates for build tools and UI libraries including @types/react, esbuild, @azure/msal, @mantine/*, @tabler/icons-react, react, dayjs, pdfjs-dist, zod, and mantine-form-zod-resolver.
Workspace API dependency upgrades src/api/package.json	Upgraded AWS SDK v3 packages (client-dynamodb, client-lambda, client-secrets-manager, client-ses, client-sqs, client-sts, signature-v4-crt, util-dynamodb) from ^3.895.0 to ^3.914.0; pino from ^9.6.0 to ^10.1.0 (major version); stripe from ^18.0.0 to ^19.1.0; argon2 from ^0.43.0 to ^0.44.0; uuid from ^11.1.0 to ^13.0.0.
Archival workspace dependency updates src/archival/package.json	Updated esbuild devDependency from ^0.25.3 to ^0.25.11; upgraded @AWS-SDK packages (client-dynamodb, client-firehose, util-dynamodb) from ^3.895.0 to ^3.914.0.
Logger type consolidation in API functions src/api/functions/authorization.ts, src/api/functions/entraId.ts, src/api/functions/membership.ts, src/api/functions/redisCache.ts	Replaced logger type union (pino.Logger | FastifyBaseLogger) with ValidLoggers in function parameters and type definitions. Removed direct pino import; added ValidLoggers import from api/types.js.
Logger type and logging in mobile wallet src/api/functions/mobileWallet.ts	Updated logger parameter type from pino.Logger | FastifyBaseLogger to ValidLoggers; added new logger.info() call for membership file construction.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• Pino major version bump (9.6.0 → 10.1.0) in src/api/package.json warrants verification for breaking changes and compatibility with existing logging calls
• Logger type consolidation is consistent across files but confirms ValidLoggers type is correctly defined and exported from api/types.js
• Stripe major version update (18.0.0 → 19.1.0) should be verified for API compatibility

Poem

🐰 Hop hop, the types align,
Logger friends now ValidLoggers shine!
Dependencies fresh, all bumped with care,
Pino hops to ten, there's magic in the air! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 12.50% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "Update dependencies" is overly broad and partially related to the changeset. While the PR does include dependency updates across multiple package.json files (root, src/api, src/archival, src/ui), the primary objective—as stated in the PR description—is to fix Pino v10 compatibility and unify logger types. The substantive code changes involve refactoring type definitions across five TypeScript files, replacing pino.Logger | FastifyBaseLogger with a unified ValidLoggers type. The title captures only the dependency update aspect and misses the main engineering intent, making it overly broad rather than a clear summary of the primary change.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dsingh14/update-deps

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 3f6cb50 and 8633c7b.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (9)

• package.json (3 hunks)
• src/api/functions/authorization.ts (2 hunks)
• src/api/functions/entraId.ts (2 hunks)
• src/api/functions/membership.ts (2 hunks)
• src/api/functions/mobileWallet.ts (3 hunks)
• src/api/functions/redisCache.ts (1 hunks)
• src/api/package.json (3 hunks)
• src/archival/package.json (1 hunks)
• src/ui/package.json (2 hunks)

🧰 Additional context used

🪛 ESLint

src/api/functions/membership.ts

[error] 25-25: Unexpected use of file extension "js" for "api/types.js"

(import/extensions)

src/api/functions/entraId.ts

[error] 35-35: Unexpected use of file extension "js" for "api/types.js"

(import/extensions)

src/api/functions/mobileWallet.ts

[error] 23-23: Unexpected use of file extension "js" for "api/types.js"

(import/extensions)

src/api/functions/authorization.ts

[error] 23-23: Unexpected use of file extension "js" for "api/types.js"

(import/extensions)

src/api/functions/redisCache.ts

[error] 3-3: Unexpected use of file extension "js" for "api/types.js"

(import/extensions)

🔇 Additional comments (11)

package.json (1)

35-35: LGTM! Routine dependency updates.

The dependency version bumps look appropriate for this PR's goal of updating dependencies.

Also applies to: 47-48, 58-58

src/api/functions/entraId.ts (1)

35-35: LGTM! Consistent logger type unification.

The change aligns with the broader refactoring across the codebase to standardize logger types.

Also applies to: 47-47

src/api/functions/membership.ts (1)

25-25: LGTM! Logger type unified and unused import removed.

The refactoring is consistent with other files in this PR.

Also applies to: 41-41

src/api/functions/mobileWallet.ts (2)

23-23: LGTM! Logger type unified.

The type refactoring is consistent with other API functions.

Also applies to: 42-42

---

122-122: Good addition for observability.

The info-level log statement provides useful visibility into successful membership file construction.

src/archival/package.json (1)

19-19: LGTM! Routine dependency updates.

The AWS SDK and esbuild version bumps are consistent with updates across the monorepo.

Also applies to: 22-24

src/api/functions/redisCache.ts (1)

3-3: LGTM! Public type signatures unified.

The logger type updates in both GetFromCacheInput and SetInCacheInput complete the consistent refactoring pattern across all API functions.

Also applies to: 8-8, 16-16

src/api/functions/authorization.ts (1)

23-23: Verification complete — no issues found.

The ValidLoggers type definition at src/api/types.d.ts:13 correctly defines the union as FastifyBaseLogger | pino.Logger, ensuring backward compatibility. Usage is consistent across 8 files in the codebase, including the specified locations in src/api/functions/authorization.ts (lines 23 and 105).

src/ui/package.json (1)

22-47: Verify compatibility of major version updates with documented breaking changes.

Web research confirms significant breaking changes in all three packages:

React 19 requires a new JSX transform and removed long-deprecated APIs like ReactDOM.render/hydrate/unmountComponentAtNode. Error handling changed: errors thrown in render are no longer re-thrown but go to window.reportError and caught errors are logged differently. TypeScript type cleanup removed types for deprecated APIs.

React Router v7 changed the lazy API to an object-based format (loader/action/Component) and removed older json/defer helpers.

Zod v4 unified the error API (replace message/errorMap/required_error with a single error param), changed number/string/object handling, and modified .strict()/.passthrough() behavior.

These breaking changes require manual verification:

• Audit code for deprecated React 19 APIs (ReactDOM.render, string refs, legacy context patterns)
• Test React Router lazy routes against the new object-based API
• Verify mantine-form-zod-resolver and all Zod schema patterns work with v4's unified error API and object handling changes
• Confirm React 19 + Mantine 8.x compatibility

src/api/package.json (2)

56-56: Verify Node.js version compatibility for Pino v10 update.

Pino v10's breaking change is dropping support for Node 18. No explicit Node.js version constraint was found in the codebase configuration. Ensure your project targets Node 19+ before merging this update.

---

18-25: Dependencies verified as resolvable from npm registry.

All package versions specified in the PR have been confirmed to exist in npm:

• pino@10.1.0, @aws-sdk/client-dynamodb@3.914.0, argon2@0.44.0, stripe@19.1.0, and uuid@13.0.0 all resolve successfully
• The consistent AWS SDK versioning across all packages (^3.914.0) aligns with best practices
• The Pino v10 update directly addresses the PR objective and has been confirmed to exist in the registry

No blocking version conflicts were detected. The changes are safe to merge from a dependency resolution standpoint.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

💰 Infracost report

Monthly estimate generated

_{This comment will be updated when code changes.}