Skip to content

IS-11486 Update dependencies#241

Merged
luisgoncalves merged 1 commit into
devfrom
feature/IS-11486-upgrade-dependencies
Jun 22, 2026
Merged

IS-11486 Update dependencies#241
luisgoncalves merged 1 commit into
devfrom
feature/IS-11486-upgrade-dependencies

Conversation

@luisgoncalves

@luisgoncalves luisgoncalves commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

Summary

Brings in the direct dependency (package.json) updates that Dependabot opened PRs for, applied directly to this branch instead of merging the Dependabot PRs.

Why not just merge the Dependabot PRs?

The open Dependabot PRs target the wrong base branch — the Dependabot configuration was changed after those PRs were created, so their diffs are computed against an outdated base and can't be merged cleanly (several even contain garbled hunks, e.g. a spurious react downgrade). Instead, the version bumps were re-applied by hand to the correct dependency declarations in the working tree, preserving the ^ ranges. Lock file changes were intentionally excluded — package-lock.json is regenerated via npm install against these new ranges.

Dependency changes

Package Previous version New version Dependabot PR Files
astro 6.1.6 6.4.6 #237 css/docs
react-router 7.9.4 / 7.13.1 7.18.0 #234 component-library / ssp
cypress 15.11.0 15.17.0 #197 ssp
stylelint-config-standard 39.0.1 40.0.0 #191 component-library, ssp
react-i18next 16.1.5 17.0.8 #190 ssp
react-dom 19.2.0 / 19.0.0 / 19.2.4 19.2.7 #189 css/docs / haapi-react-app / ssp
@types/react-dom 19.0.2 / 19.0.4 / 19.0.2 19.2.3 #189 css/docs / haapi-react-app / ssp
react-error-boundary 6.0.0 6.1.2 #188 ssp
jsdom 27.0.1 / 26.1.0 / 27.0.1 29.1.1 #187 component-library / haapi-react-app / ssp

(Slash-separated versions correspond to the listed files in the same order. ssp = self-service-portal/app.)

Lock-file-only Dependabot PRs (not included here)

These PRs only touched package-lock.json (transitive dependency bumps with no package.json change), so there was nothing specific to bring in, since the lock file was also regenerated for this PR:

  • #239 — js-yaml 4.1.1 → 4.2.0
  • #238 — form-data 4.0.5 → 4.0.6
  • #209 — tmp 0.2.5 → 0.2.7
  • #183 — lodash, @microsoft/api-extractor and @graphql-codegen/plugin-helpers
  • #182 — systeminformation 5.31.3 → 5.31.6
  • #180 — follow-redirects 1.15.11 → 1.16.0
  • #179 — postcss 8.5.6 → 8.5.14
  • #178 — fast-uri 3.1.0 → 3.1.2
  • #170 — devalue 5.6.4 → 5.8.1

Note: #197 also removes uuid, but it is not a direct dependency in any package.json, so only the cypress bump applied.

🤖 Generated with Claude Code

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates several workspace package.json files in the ui-kit monorepo to incorporate Dependabot-driven dependency version bumps (without merging the original Dependabot PRs).

Changes:

  • Bump core runtime deps in Self Service Portal (e.g., react-dom, react-router, react-i18next, i18next, react-error-boundary).
  • Update dev/test tooling deps across workspaces (e.g., cypress, jsdom, stylelint-config-standard, @types/react-dom).
  • Update CSS docs site deps (e.g., astro, react-dom).

Reviewed changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.

File Description
src/self-service-portal/app/package.json Dependency bumps for the self-service portal app (React ecosystem + tooling).
src/haapi-react-app/package.json Updates React DOM/types and jsdom for the HAAPI React app.
src/common/css/docs/package.json Updates Astro + React DOM/types for the CSS docs site.
src/common/component-library/package.json Updates react-router/jsdom/stylelint config and adjusts React peer dependency constraints.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/common/component-library/package.json
Comment thread src/self-service-portal/app/package.json
@luisgoncalves luisgoncalves force-pushed the feature/IS-11486-upgrade-dependencies branch from 647c2f1 to 1e65973 Compare June 19, 2026 16:34
Comment thread src/common/component-library/package.json
@luisgoncalves luisgoncalves merged commit 5477210 into dev Jun 22, 2026
4 checks passed
@luisgoncalves luisgoncalves deleted the feature/IS-11486-upgrade-dependencies branch June 22, 2026 14:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants