chore: upgrade dependencies

[pan93412]

Summary by CodeRabbit

• Chores
  • Updated Node engine requirement (>= 20.9.0).
  • Bumped and aligned dependencies across core SDKs, UI libraries, and development tooling.
  • Added and adjusted public UI/component libraries to the dependency list.
  • Migrated experimental/canary package references toward stable-compatible versions.
  • No changes to public API signatures or runtime scripts.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
dbplay-app	Ready	Preview	Comment	Nov 19, 2025 4:50pm

[coderabbitai]

Walkthrough

Updated package.json to add an engines.node constraint (>=20.9.0) and bump multiple dependency and devDependency versions across SDKs, React, Next, UI libraries, codegen, linting, and tooling. No code, scripts, or exported API signature changes.

Changes

Cohort / File(s)	Change Summary
Package manifest package.json	Added engines.node (>=20.9.0). Multiple dependency and devDependency version bumps (e.g., @ai-sdk/*, next, react, react-dom, lucide-react, @radix-ui/*, @graphql-codegen/*, @typescript-eslint/*, eslint-config-next, posthog-*, streamdown, and related tooling). No source-code or script changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Check peer dependency compatibility (Next/React, Radix, SDKs).
• Verify no incompatible canary/experimental versions are introduced.
• Confirm the Node engine constraint is acceptable for CI and deployments.

Possibly related PRs

• chore: upgrade dependencies #36: Overlapping package.json dependency/version upgrades affecting next, React, Radix UI, @ai-sdk packages, and related tooling.

Poem

🐰 I hopped through package.json, versions in a row,
Engines set to newer skies where builds can safely go.
SDKs and Radix polished, canaries tucked in nest,
A tidy hop of updates — now off to take a rest. ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: upgrade dependencies' accurately summarizes the main change of the pull request, which involves bumping multiple dependency versions and adding Node.js engine requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch upgrade-dependencies

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a69b897 and fa476ac.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• package.json (2 hunks)

🔇 Additional comments (7)

package.json (7)

56-56: Verify version constraint consistency across React ecosystem.

React (canary), react-dom (canary), and Next.js (16.0.3) have been updated together. While the React versions match, verify that Next.js 16 officially supports React 19.3.0-canary. Mismatched versions in this ecosystem can cause SSR mismatches, hydration errors, or runtime issues.

Also applies to: 58-58, 52-52

---

17-18: Verify AI SDK package compatibility after version bump.

The @ai-sdk/anthropic, @ai-sdk/react, and ai packages have been updated. Confirm that:

1. The API surface hasn't changed between versions
2. Any new peer dependencies are satisfied
3. Type definitions are compatible with TypeScript updates (line 81)
4. Existing hook calls in components still work (especially if @ai-sdk/react's hooks changed)

Also applies to: 45-45

---

73-73: Verify @graphql-codegen and TypeScript parser compatibility.

Both @graphql-codegen/cli (line 73) and @typescript-eslint/parser (line 81) have been updated. Since codegen likely generates TypeScript code and the parser processes it, ensure:

1. Generated code is compatible with the new parser version
2. No new linting errors are introduced on generated files
3. Run npm run codegen and npm run lint to verify

Also applies to: 81-81

---

41-41: Verify @swc-contrib plugin pinning strategy.

The @swc-contrib/plugin-graphql-codegen-client-preset uses tilde (~0.9.0), allowing patch-level updates. This is inconsistent with most other dependencies that use caret (^). Confirm this tighter constraint is intentional—perhaps due to known instability in minor versions?

---

26-40: Verify @radix-ui package versions are compatible with React 19.3.0-canary.

All @radix-ui packages are now explicitly listed in dependencies. Confirm they officially support React 19.3.0 (canary). Pre-release React versions may lack compatibility guarantees.

---

51-51: Note: lucide-react is updated to 0.554.0.

lucide-react has been bumped to version 0.554.0. Confirm that all icon names and usage in the codebase remain valid—while lucide maintains good backward compatibility, icon removal or renaming does occasionally occur in minor/patch versions.

---

56-56: Verify intentional use of React canary and confirm testing coverage.

The project uses React and react-dom from the canary channel (19.3.0-canary-eb89912e-20251118), which are pre-release experimental builds. Current stable React is 19.2.0 (released Oct 1, 2025), and React 19.3.0 only has canary/prerelease builds with no official stable release date announced.

Confirm that:

1. Using canary versions is intentional and aligned with your project's risk tolerance
2. All tests pass and cover the experimental APIs you're using
3. There's a documented plan to migrate to stable releases when 19.3.0 ships

Also applies to: 58-58

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

Verify Next.js 16 compatibility and breaking changes.

Next.js has been bumped to version 16.0.3 (new major version). Major version upgrades typically include breaking changes and require careful testing. Ensure:

1. All existing routes and middleware continue to function
2. API routes and server components are still compatible
3. Build and deployment processes have been tested
4. Environment variables and configuration remain valid

---

🌐 Web query:

What are the major breaking changes in Next.js 16.0 compared to the previous version?

💡 Result:

Here are the major breaking changes in Next.js 16 (summary + migration impacts):

• Async Request APIs — synchronous access removed: params, searchParams, cookies(), headers(), draftMode() are now Promises and must be awaited (update pages/layouts/routes that read them). [1]
• Image & image-generation changes — image defaults and image-generation props (opengraph/twitter/icon/apple-image) now use async params / changed defaults (TTL, qualities, blocked local IP optimization). Adjust image code and next.config.js. [1][2]
• Middleware → proxy rename/behaviour change — middleware.ts patterns are replaced by proxy.ts (different request interception model). Update middleware/proxy usage. [2]
• Node / TypeScript minimums bumped — Node.js >= 20.9.0 and TypeScript >= 5.1 required (Node 18 no longer supported). Update runtimes/CI. [2]
• Removed legacy features/configs — AMP support removed; serverRuntimeConfig/publicRuntimeConfig removed (use env vars); next lint command removed from build (use ESLint/Biome CLI). [2]
• Caching API changes & new cache primitives — new/changed APIs (revalidateTag(), updateTag(), refresh(), Cache Components / use cache) alter caching patterns and some function signatures. [1][2]
• Bundler/runtime defaults & other renames — Turbopack promoted/stable as default bundler and some experimental flags/config locations changed (e.g., experimental.turbopack → top-level turbopack). Review config. [2]

For detailed migration instructions and codemods (e.g., async API codemod, typegen), see the official upgrade guide and release notes. [1][2]

Sources: [1] Next.js — Upgrading: Version 16 (docs) ; [2] Next.js — Next 16 release notes/blog.

---

🏁 Script executed:

#!/bin/bash
# Check package.json for Node/TS version requirements and related configs
cat package.json

Length of output: 3000

---

🏁 Script executed:

#!/bin/bash
# Look for middleware.ts or middleware patterns
fd -e ts -e js | xargs grep -l "middleware" 2>/dev/null | head -20

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Search for params, searchParams, cookies, headers usage (async API patterns)
rg -n "(params|searchParams|cookies|headers|draftMode)\(" --type=ts --type=tsx --type=js --type=jsx -C2 | head -50

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Search for legacy removed configs/features
rg -n "(serverRuntimeConfig|publicRuntimeConfig|AMP)" --type=ts --type=tsx --type=js --type=jsx

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check for image/image-generation usage
rg -n "(Image|generateImageMetadata)" --type=ts --type=tsx --type=js --type=jsx | head -20

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Look for middleware.ts specifically
fd -name "middleware.ts" -o -name "middleware.js"

Length of output: 230

---

🏁 Script executed:

#!/bin/bash
# Check directory structure for Next.js app patterns
find . -type f -name "*.ts" -o -name "*.tsx" | grep -E "(route|layout|page)" | head -20

Length of output: 618

---

🏁 Script executed:

#!/bin/bash
# Check for next.config.js and potential config changes
cat next.config.js 2>/dev/null || echo "next.config.js not found in root"

Length of output: 32

---

🏁 Script executed:

#!/bin/bash
# Search for potential experimental.turbopack or turbopack config
rg -n "turbopack|experimental" --type=js --type=ts

Length of output: 94

---

🏁 Script executed:

#!/bin/bash
# Check tsconfig for TypeScript version target or settings
cat tsconfig.json 2>/dev/null || echo "tsconfig.json not found"

Length of output: 843

---

🏁 Script executed:

#!/bin/bash
# Check .npmrc or .node-version for Node version requirements
[ -f .node-version ] && cat .node-version || echo ".node-version not found"
[ -f .npmrc ] && cat .npmrc || echo ".npmrc not found"

Length of output: 40

---

🏁 Script executed:

#!/bin/bash
# Search for cache() usage and revalidateTag patterns
rg -n "(revalidateTag|updateTag|cache\(|unstable_cache)" --type=ts --type=tsx --type=js --type=jsx

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check for legacy next lint usage
rg -n "next lint" --type=json --type=js --type=ts

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# List key files in the project root to understand structure
ls -la | grep -E "^\." | head -20

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check if there are app router or pages router routes
fd -type d -name "app" -o -name "pages" | head -10

Length of output: 170

---

🏁 Script executed:

#!/bin/bash
# Look for actual route definitions
find . -path "*/app/*/route.ts" -o -path "*/pages/api/*.ts" 2>/dev/null | head -20

Length of output: 117

---

🏁 Script executed:

#!/bin/bash
# Check env variable usage
rg -n "process\.env|ENV" --type=ts --type=tsx --type=js --type=jsx | head -30

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Search for cookie/header access patterns
rg -n "cookies\(\)|headers\(\)|searchParams|params" --type=tsx -C2 | head -40

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Look for old middleware patterns vs new proxy patterns
rg -n "NextRequest|NextResponse" --type=ts --type=tsx | head -20

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check engines field in package.json for Node/TS requirements
jq '.engines' package.json 2>/dev/null || echo "No engines field"

Length of output: 4

---

🏁 Script executed:

#!/bin/bash
# Check for imports from @next/image or image generation
rg -n "from.*next/image|generateMetadata|generateViewport" --type=ts --type=tsx | head -20

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check if there are build scripts that might be affected
jq '.scripts' package.json 2>/dev/null

Length of output: 267

---

🏁 Script executed:

#!/bin/bash
# Look for any AMP configurations
rq '.amp' next.config.js 2>/dev/null || grep -i "amp" next.config.js 2>/dev/null || echo "No AMP config found"

Length of output: 19

---

🏁 Script executed:

#!/bin/bash
# Check TypeScript version in package.json
jq '.devDependencies.typescript, .dependencies.typescript' package.json

Length of output: 13

---

🏁 Script executed:

#!/bin/bash
# Check Node version requirement
jq '.engines.node' package.json

Length of output: 4

---

🏁 Script executed:

#!/bin/bash
# Get comprehensive package info on versions
jq '{node: .engines.node, typescript: (.devDependencies.typescript // .dependencies.typescript), next: .dependencies.next}' package.json

Length of output: 64

---

🏁 Script executed:

#!/bin/bash
# Search for src directory structure
fd --type f --extension ts --extension tsx --extension js --extension jsx . | head -40

Length of output: 2004

---

🏁 Script executed:

#!/bin/bash
# List directory tree to understand app structure
find . -type d -not -path "*/node_modules/*" -not -path "*/.next/*" -not -path "*/.git/*" | head -30

Length of output: 837

---

🏁 Script executed:

#!/bin/bash
# Check for config patterns that might use removed serverRuntimeConfig
grep -r "serverRuntimeConfig\|publicRuntimeConfig" . --include="*.ts" --include="*.tsx" --include="*.js" --include="*.json" 2>/dev/null | head -10

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Search for Next lint configurations or usage
grep -r "next lint" . --include="*.json" --include="*.js" --include="*.config.*" 2>/dev/null

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check package.json for all Next-related deps and their versions
jq '.dependencies, .devDependencies' package.json | grep -i next

Length of output: 162

---

🏁 Script executed:

#!/bin/bash
# Check if there's a vercel.json or deployment config
[ -f vercel.json ] && cat vercel.json || echo "vercel.json not found"

Length of output: 21

---

🏁 Script executed:

#!/bin/bash
# Look for environment configuration files
ls -la | grep -i env

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Summary check: are there route handlers that access async APIs?
rg -n "export.*GET|export.*POST|export.*route" --type=ts --type=tsx -A10 | head -50

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check for layout files that might use params
fd -name "layout.tsx" -o -name "layout.ts" -o -name "layout.jsx" -o -name "layout.js" -exec cat {} + 2>/dev/null | head -80

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check for page files that might use params
fd -name "page.tsx" -o -name "page.ts" | head -5 | xargs cat 2>/dev/null | head -60

Length of output: 230

---

🏁 Script executed:

#!/bin/bash
# Look for metadata generation which uses async params
rg -n "generateMetadata|generateViewport|generateStaticParams" --type=ts --type=tsx -B2 -A10 | head -50

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check for imports of cache(), use cache, or related
rg -n "use cache|import.*cache|from.*cache" --type=ts --type=tsx

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Final summary: show full package.json for reference
echo "=== Full package.json ===" && cat package.json

Length of output: 3026

---

🏁 Script executed:

#!/bin/bash
# Check if next.config.ts or next.config.js exists
ls -la next.config.* 2>/dev/null || echo "No next.config file found"

Length of output: 62

---

🏁 Script executed:

#!/bin/bash
# Check for any TypeScript errors or configurations
[ -f tsconfig.json ] && jq '.' tsconfig.json 2>/dev/null || echo "No tsconfig.json"

Length of output: 843

---

🏁 Script executed:

#!/bin/bash
# Verify repository root and structure
pwd && ls -la

Length of output: 1850

---

🏁 Script executed:

#!/bin/bash
# Check if there's documentation or migration notes
find . -name "MIGRATION*" -o -name "CHANGELOG*" -o -name "UPGRADE*" 2>/dev/null | head -10

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check tests to understand what features are being used
find . -path "*/test/*" -o -path "*/__tests__/*" -o -path "*.test.ts" | head -20

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Get file count by type to understand codebase scope
find . -not -path "*/node_modules/*" -not -path "*/.next/*" -not -path "*/.git/*" -type f | wc -l

Length of output: 3

---

🏁 Script executed:

#!/bin/bash
# Check for image optimization or image component usage
rg -n "new Image|Image\s*from|getImage|<Image" --type=tsx --type=jsx

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Look for potentially problematic patterns - synchronous cookies/headers calls
rg -n "cookies\(\)\s*\." --type=ts --type=tsx | head -20

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Check for middleware.ts and its patterns
[ -f middleware.ts ] && echo "=== middleware.ts found ===" && cat middleware.ts || echo "middleware.ts not found"

Length of output: 23

---

🏁 Script executed:

#!/bin/bash
# Check if there's a src directory
ls -la src/ 2>/dev/null | head -20 || echo "src/ not found"

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Run a final structural check
echo "=== Next.js App Structure ===" && \
([ -d app ] && echo "✓ app router detected" || echo "✗ app router not found") && \
([ -d pages ] && echo "✓ pages router detected" || echo "✗ pages router not found") && \
([ -f middleware.ts ] && echo "✓ middleware.ts found" || echo "✗ middleware.ts not found") && \
([ -f middleware.js ] && echo "✓ middleware.js found" || echo "✗ middleware.js not found")

Length of output: 128

---

🏁 Script executed:

#!/bin/bash
# Check Node and TypeScript versions required
echo "=== Version Requirements ===" && \
jq -r '.engines.node // "not specified"' package.json && \
jq -r '.devDependencies.typescript // .dependencies.typescript // "not specified"' package.json

Length of output: 49

---

🏁 Script executed:

#!/bin/bash
# List all files in root that might contain config/migration info
echo "=== Root Config Files ===" && \
ls -1 *.json *.js *.config.* 2>/dev/null | head -20

Length of output: 143

---

🏁 Script executed:

#!/bin/bash
# Get next.config.ts content to verify turbopack config
cat next.config.ts

Length of output: 873

---

🏁 Script executed:

#!/bin/bash
# Search for params and searchParams usage in layout and page files
find ./app -type f \( -name "layout.tsx" -o -name "page.tsx" \) -exec echo "=== {} ===" \; -exec cat {} \;

Length of output: 8095

---

🏁 Script executed:

#!/bin/bash
# Check API route handlers for patterns
find ./app/api -type f -name "route.ts" -exec echo "=== {} ===" \; -exec cat {} \;

Length of output: 18141

---

Add engines.node field to package.json to specify Next.js 16 compatibility.

Next.js 16 requires Node.js >= 20.9.0, but package.json lacks an engines constraint. This could cause deployment failures on Node 18 runtimes. Add:

"engines": {
  "node": ">=20.9.0"
}

Additionally, review next.config.ts line with experimental.turbopackFileSystemCacheForDev: true—verify this config is still valid in Next.js 16's stable Turbopack release or migrate it per the upgrade guide.

Positive note: The codebase already correctly uses async params patterns (e.g., ./app/(app)/challenges/[id]/page.tsx properly awaits params), so no migration needed there. No middleware, legacy configs, or removed features were detected.

🤖 Prompt for AI Agents

In package.json around line 52, add an "engines" field to require Node >=20.9.0
so Next.js 16 runs on a compatible runtime; update package.json to include
"engines": { "node": ">=20.9.0" }. Also review next.config.ts for the line
setting experimental.turbopackFileSystemCacheForDev: true and either remove or
migrate that setting per the Next.js 16 Turbopack stable docs if it is
deprecated or changed — adjust the config accordingly to match the upgrade
guide.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fa476ac and dad5904.

📒 Files selected for processing (1)

• package.json (3 hunks)

🔇 Additional comments (2)

package.json (2)

6-8: ✅ Engines field correctly added.

The engines.node: ">=20.9.0" constraint properly enforces Next.js 16's minimum Node.js requirement. This prevents deployment failures on older runtimes. This directly addresses the prior review concern.

---

20-48: Verify Next.js 16 breaking changes are fully addressed in the codebase.

While the version bump to Next.js 16.0.3 looks good, and TypeScript 5.9.3 meets the >=5.1 requirement, Next.js 16 includes several breaking changes (caching semantics, client router cache defaults, async Request APIs, middleware→proxy pattern changes).

The prior review verified that async params usage is correctly implemented in your app code, but confirm:

1. Client router cache defaults — If your app relies on cached page segments, verify the staleTime = 0 default doesn't break your UX or add unintended refetches.
2. next.config.ts — If you're using experimental.turbopackFileSystemCacheForDev or other experimental flags, review the upgrade guide to ensure they're still valid in Next.js 16's stable Turbopack.
3. Route caching — GET route handlers now default to no caching; if any routes need caching, verify export dynamic = 'force-static' is set.
4. Removed legacy configs — Confirm no usage of removed features (AMP, serverRuntimeConfig/publicRuntimeConfig, deprecated image APIs).

Also applies to: 55-55, 73-91

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

⚠️ React and react-dom canary versions carry stability risk.

Both react and react-dom are pinned to canary versions (19.3.0-canary-eb89912e-20251118). Canary releases are pre-release and unstable; they may introduce breaking changes, performance regressions, or bugs in production. Consider whether a stable React 19 release (when available) is more appropriate for your deployment model.

If the canary is intentional (e.g., for a bleeding-edge experimental project), document this decision and ensure your CI/testing is robust. Otherwise, verify if a stable version exists and consider migrating to it.

Also applies to: 61-61

---

🏁 Script executed:

#!/bin/bash
# Check if there's any README or documentation about React version choice
fd -e md -e txt | head -20 | xargs grep -l "react" -i 2>/dev/null | head -5

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Inspect package.json to understand project context and any comments about canary
cat package.json | grep -A5 -B5 "react"

Length of output: 2387

---

🏁 Script executed:

#!/bin/bash
# Check if there are lock files indicating intentional pinning
ls -la package-lock.json yarn.lock pnpm-lock.yaml 2>/dev/null || echo "No lock file found"

Length of output: 84

---

🌐 Web query:

React 19 stable release date status 2025

💡 Result:

React 19 is already stable — it was released (stable) on December 5, 2024. Since then the team published minor 19.x releases in 2025 (19.1 on March 28, 2025 and 19.2 on October 1, 2025). [1][2][3]

Sources:

• React 19 announcement (stable: Dec 5, 2024). [1]
• React releases (19.1 tag, Mar 28, 2025). [2]
• React 19.2 blog post (Oct 1, 2025). [3]

---

🌐 Web query:

Is using React canary version in production acceptable practice

💡 Result:

Short answer: Usually no for general apps — use the Latest (stable) channel for production. Canary is an officially supported pre-release channel intended for framework authors, advanced adopters, and integration testing; it may include breaking changes and must be pinned and handled with extra safeguards if used in production. [1][2][3]

If you still consider running a canary in production, follow these rules:

• Pin the exact canary version (do not float @canary). [3]
• Limit exposure (internal canary, feature flags, small % rollout). [1][3]
• Run full automated and real‑world integration tests and CI cron jobs against new canaries. [1][3]
• Have a tested rollback plan and monitoring/alerting for regressions. [1][2]

Sources: React versioning policy / canary guidance, React blog post on Canaries, React Native release-level notes. [1][3][2]

---

Migrate from React canary to stable React 19.2.

React 19 is stable and was released on December 5, 2024; React 19.2 was released October 1, 2025. The current react and react-dom versions are pinned to a pre-release canary (19.3.0-canary-eb89912e-20251118, dated November 18, 2025).

Canary is an officially supported pre-release channel intended for framework authors, advanced adopters, and integration testing; it may include breaking changes. If running canary in production, exact version pinning is required—but should still be limited in exposure and paired with full automated testing and a rollback plan.

Since stable React 19.2 exists and is more appropriate for production deployments, upgrade to that unless there is a specific technical requirement for the canary (e.g., access to experimental APIs). If canary is necessary, document the decision and ensure all guardrails (comprehensive testing, monitoring, rollback) are in place.

Lines 59, 61: Update "react" and "react-dom" to a stable 19.x release (e.g., "19.2.x" or pinned to "19.2.0").

🤖 Prompt for AI Agents

In package.json around lines 59 and 61, the dependency pins use a React canary
release ("19.3.0-canary-eb89912e-20251118") which should be replaced with a
stable React 19.x release; change both "react" and "react-dom" to a stable 19.2
version (e.g., "19.2.0" or "19.2.x") and update any lockfile/installed deps (run
npm/yarn install) so manifest and lockfile are consistent; if you truly require
the canary, add a short justification comment in the repo docs and ensure
test/rollback guardrails are documented instead of switching to stable.