chore: update package dependencies and configurations

[eliteprox]

Summary

This PR is intended to resolve all npm audit findings which are currently blocking the CI

• Added "analytics": false to nx.json.
• Updated various package versions in package.json and package-lock.json, including:
  • Upgraded @nx packages to version ^22.6.5.
  • Updated vite to version 8.0.8 and @vitejs/plugin-react to version ^6.0.1.
  • Added new dependencies: @rollup/plugin-terser and next at version 15.5.15.
• Removed outdated dependencies and cleaned up package-lock.json for better consistency.

Summary

Changes

• Updated all packages across all plugins

Type

• Feature
• Bug fix
• Refactor
• Documentation
• CI / Tooling
• Plugin (new or update)
• Dependencies

Plugin(s) Affected

Checklist

• Tests pass locally
• Lint passes (npm run lint)
• Build succeeds (npm run build)
• No new lint warnings introduced
• Breaking changes documented below
• Database migration included (if Prisma schema changed)

Breaking Changes

None

Screenshots / Recordings

Summary by CodeRabbit

Release Notes

• Chores

  • Updated build tooling and development dependencies across all frontend applications to improve development experience and build performance.
  • Disabled analytics collection in workspace configuration.

• Security

  • Added HTML sanitization library to enhance security measures.

[vercel]

@eliteprox is attempting to deploy a commit to the Livepeer Foundation Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

⚠️ This PR is very large (24394 lines changed). Please split it into smaller, focused PRs if possible.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

This PR upgrades frontend build tooling across the monorepo by bumping @vitejs/plugin-react to ^6.0.1 and pinning vite to 8.0.8, updates Nx packages to ^22.6.5, pins vitest to 4.1.4, adds Next.js dependency to multiple packages, updates build overrides, and disables Nx analytics workspace-wide.

Changes

Cohort / File(s)	Summary
Frontend Vite Toolchain apps/web-next/package.json, apps/workflows/*/package.json, examples/*/frontend/package.json, plugins/*/frontend/package.json, plugins/service-gateway/frontend/package.json	Bumped @vitejs/plugin-react from ^4.x.x to ^6.0.1 and pinned vite to 8.0.8 (from semver ranges). Added next@15.5.15 to select frontend packages.
Root Workspace Configuration package.json, nx.json	Updated Nx packages (@nx/js, @nx/node, @nx/react, @nx/vite, @nx/web, nx) from fixed 22.5.3 to ^22.6.5. Added runtime deps: @rollup/plugin-terser@1.0.0, next@15.5.15, vitest@4.1.4. Expanded overrides to pin esbuild, vite, vitest. Bumped minimatch and eslint packages to 10.2.5. Disabled analytics in nx.json.
Build & SDK Packages packages/plugin-build/package.json, packages/plugin-sdk/package.json	Updated Vite toolchain (@vitejs/plugin-react to ^6.0.1, vite to 8.0.8). Added @nx/react, @nx/vite, next@15.5.15, vite. Bumped @rollup/plugin-terser to ^1.0.0.
Backend Services examples/daydream-video/backend/package.json, plugins/service-gateway/backend/package.json, services/infrastructure-svc/package.json	Added build tooling and dependencies (@nx/react, @nx/vite, @rollup/plugin-terser, next, vite). Pinned vitest to 4.1.4. Updated vite to 8.0.8 in infrastructure service.
Web-Next Dependency Reordering apps/web-next/package.json	Moved dompurify within dependencies (no version change). Updated next from 15.5.12 to ^15.5.15.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• chore(deps): resolve npm audit findings #138: Modifies repository-wide package.json dependency overrides and upgrades dev/tooling dependencies (Vite/Vitest), directly overlapping scope.
• fix: example plugin migration, quality gates, and devx improvements #122: Updates the same package.json files across examples and packages with dependency/devDependency changes.
• feat(admin): configurable core plugins with auto-install #42: Overlaps on Vitest, Vite, @vitejs/plugin-react, and Next.js version upgrades across packages.

Suggested labels

scope/packages, scope/infra, size/XL

Suggested reviewers

• seanhanca

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: update package dependencies and configurations' directly summarizes the main changes, which involve updating dependencies across multiple package.json files and adding a configuration setting to nx.json.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}