Skip to content

chore(deps): Bump @tanstack/react-query from 5.90.12 to 5.90.14 #243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mchestr merged 1 commit into from
Dec 30, 2025
Merged

chore(deps): Bump @tanstack/react-query from 5.90.12 to 5.90.14 #243

mchestr merged 1 commit into from
Dec 30, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2025
edited
Loading

Bumps @tanstack/react-query from 5.90.12 to 5.90.14.

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-persist-client@​5.90.14

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.91.11
    • @​tanstack/react-query@​5.90.12

@​tanstack/react-query@​5.90.14

Patch Changes

  • Updated dependencies [d576092]:
    • @​tanstack/query-core@​5.90.14

@​tanstack/react-query-persist-client@​5.90.13

Patch Changes

  • Updated dependencies [c01b150]:
    • @​tanstack/react-query@​5.90.11
    • @​tanstack/query-persist-client-core@​5.91.10
Changelog

Sourced from @​tanstack/react-query's changelog.

5.90.14

Patch Changes

  • Updated dependencies [d576092]:
    • @​tanstack/query-core@​5.90.14

5.90.13

Patch Changes

  • Updated dependencies [4a0a78a]:
    • @​tanstack/query-core@​5.90.13
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​tanstack/react-query since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@mchestr
Copy link
Owner

mchestr commented Dec 30, 2025

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tanstack/react-query-5.90.14 branch from 567e247 to 27b1553 Compare December 30, 2025 04:20
@mchestr mchestr force-pushed the dependabot/npm_and_yarn/tanstack/react-query-5.90.14 branch from 27b1553 to 450282e Compare December 30, 2025 04:24
@claude
Copy link

claude bot commented Dec 30, 2025
edited
Loading

Claude finished @dependabot[bot]'s task in 2m 7s —— View job

PR Review Complete ✅

Tasks

  • Read package.json to understand React Query usage
  • Review the PR diff changes
  • Check for React Query usage patterns in codebase
  • Verify test coverage exists
  • Review release notes and changelog
  • Post review feedback via gh pr comment

Review Summary

I've completed a comprehensive review of this Dependabot PR that updates @tanstack/react-query from 5.90.12 to 5.90.15.

Key Findings:

  • ✅ Safe patch-level update with no breaking changes
  • ✅ Minimal React Query usage in codebase (1 component + provider)
  • ✅ Excellent test coverage for the component using React Query
  • ✅ No security concerns or performance impact
  • ✅ All current usage patterns remain compatible

Minor Note: PR title mentions 5.90.14, but actual update is to 5.90.15 (likely due to rebase after PR creation).

Recommendation: Safe to merge after CI passes. This is routine dependency maintenance.

Full review posted here

@claude
Copy link

claude bot commented Dec 30, 2025

Code Review: React Query Dependency Update

Summary

Approval Recommended - This is a safe patch-level dependency update with no breaking changes.

Changes Reviewed

  • Version Update: @tanstack/react-query from 5.90.12 → 5.90.15
  • Files Changed:
    • package.json: Version bump
    • package-lock.json: Lockfile update with integrity hashes

What Changed (5.90.13 → 5.90.15)

Based on the release notes, these three patch versions include:

  • Internal updates to @tanstack/query-core dependency
  • Test improvements for SSR scenarios (useIsFetching SSR tests)
  • Test enhancements for HydrationBoundary edge cases
  • Infrastructure change: Move to trusted npm publishing
  • No breaking changes, no API modifications, no behavioral changes

Code Quality Assessment

✅ Current React Query Usage

The codebase has minimal, well-structured React Query usage:

  1. Provider Setup (lib/providers.tsx)

    • Proper QueryClient instantiation with stable reference
    • Sensible defaults: 60s staleTime, disabled refetch on window focus
    • Correctly wrapped in SessionProvider and ToastProvider

  2. Client Component (components/admin/users/user-activity-timeline.tsx)

    • Clean useQuery implementation with proper queryKey structure
    • Appropriate error and loading state handling
    • Good use of initialData for SSR/initial render optimization

  3. Test Coverage (components/__tests__/user-activity-timeline.test.tsx)

    • Comprehensive test suite (360 lines)
    • Proper QueryClient mocking with retry disabled
    • Tests for pagination, rendering, state badges, and error cases
    • Follows project's data-testid convention

Security Review

✅ No security concerns:

  • Dependency comes from official TanStack registry
  • Integrity hashes present in package-lock.json
  • No known vulnerabilities in these versions

Performance Considerations

✅ No performance impact:

  • Patch updates typically include only bug fixes and internal improvements
  • No API surface changes that would affect rendering or query behavior

Compatibility

✅ Fully compatible:

  • The existing code uses basic React Query features (useQuery, QueryClient)
  • All current usage patterns remain valid
  • Test suite should pass without modifications

Recommendations

  1. Version Mismatch in PR Title: Minor issue - the PR title mentions 5.90.14 but the actual update is to 5.90.15. This is likely because Dependabot created the PR for .14 but then rebased, picking up .15. Not a blocker.

  2. Testing: Run the existing test suite to verify compatibility

  3. Merge Strategy: Safe to merge after CI passes. This is a routine dependency maintenance update.

Final Verdict

✅ LGTM - This is a clean, safe dependency update. The codebase's limited use of React Query means there's minimal surface area for issues, and the comprehensive test coverage provides good regression protection.

Review completed by Claude Code

@mchestr
Copy link
Owner

mchestr commented Dec 30, 2025

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 30, 2025

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@mchestr
Copy link
Owner

mchestr commented Dec 30, 2025

@dependabot recreate

@dependabot
chore(deps): Bump @tanstack/react-query from 5.90.12 to 5.90.14
7e31a35 
Bumps [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) from 5.90.12 to 5.90.14.
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.90.14/packages/react-query)

---
updated-dependencies:
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.90.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tanstack/react-query-5.90.14 branch from 450282e to 7e31a35 Compare December 30, 2025 04:53
@mchestr mchestr merged commit bc44554 into main Dec 30, 2025
6 checks passed
@mchestr mchestr deleted the dependabot/npm_and_yarn/tanstack/react-query-5.90.14 branch December 30, 2025 05:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies npm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mchestr