chore: pin pages-components to 2.0.2

[asanehisa]

I don't think we want to upgrade mapbox yet til every part of it is ready. See: https://yext.slack.com/archives/C02UVSE7P6W/p1773854139855149?thread_ts=1773334309.653709&cid=C02UVSE7P6W

[coderabbitai]

Walkthrough

The pull request updates version constraints for the @yext/pages-components dependency across two package.json files. In packages/visual-editor/package.json, the peerDependencies constraint changes from a caret range (^2.0.2) to an exact version (2.0.2). Similarly, in starter/package.json, the devDependencies constraint for the same package is updated from a caret range to an exact version. This change pins the dependency to a specific version, preventing automatic minor and patch version upgrades during installation.

Possibly related PRs

• chore: update pages-components to 1.2.x #961: Modifies the same @yext/pages-components dependency entries in both package.json files with similar version specifier changes
• chore: update pages-components #977: Updates @yext/pages-components dependency declaration in packages/visual-editor/package.json with version constraint modifications
• chore: upgrade pages-components to 1.1.16 #918: Changes the version constraint for @yext/pages-components in the same package.json entries by pinning exact versions instead of using caret ranges

Suggested reviewers

• mkilpatrick
• briantstephan
• colton-demetriou

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'chore: pin pages-components to 2.0.2' clearly and concisely describes the main change of pinning the dependency to an exact version.
Description check	✅ Passed	The description explains the rationale for pinning the dependency, stating the intent to avoid upgrading Mapbox until all parts are ready.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch package

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

Migrating from UI to YAML configuration.

Use the @coderabbitai configuration command in a PR comment to get a dump of all your UI settings in YAML format. You can then edit this YAML file and upload it to the root of your repository to configure CodeRabbit programmatically.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

starter/package.json (1)

56-56: Consider using tilde range to allow patch updates in devDependencies.

Exact pinning (2.0.2) prevents all patch updates, including potential security fixes and bug fixes for 2.0.x releases. If the intent is to avoid minor version changes (e.g., to block breaking changes in 2.1.0+), use ~2.0.2 instead, which allows patch updates while preventing minor and major version bumps.

♻️ Proposed alternative using tilde range

-    "@yext/pages-components": "2.0.2",
+    "@yext/pages-components": "~2.0.2",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@starter/package.json` at line 56, The dependency "@yext/pages-components" is
pinned to an exact version "2.0.2" which prevents patch updates; change its
entry in package.json to use a tilde range (~2.0.2) so patch releases (2.0.x)
are allowed while still blocking minor/major bumps—update the devDependencies
entry for "@yext/pages-components" accordingly and run your lockfile update
(npm/yarn/pnpm install) to refresh the lockfile.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/visual-editor/package.json`:
- Line 156: The peerDependency "@yext/pages-components" is pinned to an exact
version ("2.0.2") which can cause install conflicts; update the package.json
peerDependencies entry for "@yext/pages-components" to allow patch updates but
block 2.1+ (e.g., use a tilde range "~2.0.2" or an explicit range ">=2.0.2
<2.1.0") so consumers can receive patch/bugfix releases without permitting a
minor version upgrade.

---

Nitpick comments:
In `@starter/package.json`:
- Line 56: The dependency "@yext/pages-components" is pinned to an exact version
"2.0.2" which prevents patch updates; change its entry in package.json to use a
tilde range (~2.0.2) so patch releases (2.0.x) are allowed while still blocking
minor/major bumps—update the devDependencies entry for "@yext/pages-components"
accordingly and run your lockfile update (npm/yarn/pnpm install) to refresh the
lockfile.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: fffa6933-b947-4588-82b4-762dae4a68b4

📥 Commits

Reviewing files that changed from the base of the PR and between e9a0275 and 8301451.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (2)

• packages/visual-editor/package.json
• starter/package.json