Skip to content

Develop#58

Merged
FrancoStino merged 16 commits into
mainfrom
develop
Jun 30, 2026
Merged

Develop#58
FrancoStino merged 16 commits into
mainfrom
develop

Conversation

@FrancoStino

@FrancoStino FrancoStino commented Jun 30, 2026

Copy link
Copy Markdown
Owner

Summary by cubic

Updated axios to 1.18.1 and refreshed build tooling to keep dependencies current and builds stable. Bumped webpack to 5.108.3, webpack-cli to 7.1.0, eslint to 10.6.0, @types/node to 26.0.1, and ts-loader to 9.6.1; updated yarn.lock.

Written for commit 6cd4bfe. Summary will update on new commits.

Review in cubic

Greptile Summary

This PR bumps several dependencies to their latest available versions, updating both package.json and the yarn.lock lockfile consistently.

  • axios 1.17.0 → 1.18.1, eslint 10.5.0 → 10.6.0, ts-loader 9.6.0 → 9.6.1, webpack 5.107.2 → 5.108.3, webpack-cli 7.0.3 → 7.1.0 — routine minor/patch bumps in both runtime and dev tools.
  • @types/node jumps a full major version from ^25.9.3 to ^26.0.1, pulling in a new undici-types ~8.3.0 transitive dependency and swapping the upstream minifier from terser-webpack-plugin to minimizer-webpack-plugin inside webpack's own dependency graph.

Confidence Score: 4/5

Safe to merge; all bumps are minor/patch except @types/node which jumps a major version and may need a TypeScript compile check before landing.

The six dependency bumps are straightforward and the lockfile is internally consistent. The one area that deserves a look is @types/node moving from ^25 to ^26: if any source file uses a Node.js API whose type signature changed between those two major releases, TypeScript will fail to compile. Because the project has no automated test script, there is no CI gate that would catch a compile regression before merge.

No files require special attention beyond a manual yarn tsc --noEmit check to confirm the @types/node v26 types are compatible with existing source files.

Important Files Changed

Filename Overview
package.json Six dependency version bumps; @types/node crosses a major version boundary (25→26) which could surface TypeScript type errors if any consumed Node.js APIs changed in v26 types.
yarn.lock Lockfile updated consistently with package.json; terser-webpack-plugin replaced by minimizer-webpack-plugin in webpack's dep graph, glob-to-regexp removed from watchpack and webpack, registry URLs for some packages switched from npmjs.org to yarnpkg.com (mirror, no impact).

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[package.json changes] --> B[Runtime deps]
    A --> C[Dev deps]
    B --> D["axios 1.17.0 → 1.18.1"]
    C --> E["@types/node 25.9.3 → 26.0.1 ⚠️ major"]
    C --> F["eslint 10.5.0 → 10.6.0"]
    C --> G["ts-loader 9.6.0 → 9.6.1"]
    C --> H["webpack 5.107.2 → 5.108.3"]
    C --> I["webpack-cli 7.0.3 → 7.1.0"]
    E --> J["undici-types 7.x → 8.3.x (transitive)"]
    H --> K["minimizer-webpack-plugin 5.6.1 replaces terser-webpack-plugin"]
    H --> L["glob-to-regexp removed from dep graph"]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[package.json changes] --> B[Runtime deps]
    A --> C[Dev deps]
    B --> D["axios 1.17.0 → 1.18.1"]
    C --> E["@types/node 25.9.3 → 26.0.1 ⚠️ major"]
    C --> F["eslint 10.5.0 → 10.6.0"]
    C --> G["ts-loader 9.6.0 → 9.6.1"]
    C --> H["webpack 5.107.2 → 5.108.3"]
    C --> I["webpack-cli 7.0.3 → 7.1.0"]
    E --> J["undici-types 7.x → 8.3.x (transitive)"]
    H --> K["minimizer-webpack-plugin 5.6.1 replaces terser-webpack-plugin"]
    H --> L["glob-to-regexp removed from dep graph"]
Loading

Fix All in Devin

Reviews (1): Last reviewed commit: "Merge pull request #57 from FrancoStino/..." | Re-trigger Greptile

Greptile also left 1 inline comment on this PR.

dependabot Bot and others added 16 commits June 20, 2026 07:22
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.3 to 26.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [axios](https://github.com/axios/axios) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ts-loader](https://github.com/TypeStrong/ts-loader) from 9.6.0 to 9.6.1.
- [Release notes](https://github.com/TypeStrong/ts-loader/releases)
- [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md)
- [Commits](TypeStrong/ts-loader@v9.6.0...v9.6.1)

---
updated-dependencies:
- dependency-name: ts-loader
  dependency-version: 9.6.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
…op/axios-1.18.0

chore(deps): bump axios from 1.17.0 to 1.18.0
…op/types/node-26.0.0

chore(deps-dev): bump @types/node from 25.9.3 to 26.0.0
…op/ts-loader-9.6.1

chore(deps-dev): bump ts-loader from 9.6.0 to 9.6.1
Bumps [axios](https://github.com/axios/axios) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.18.0...v1.18.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 7.0.3 to 7.1.0.
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/webpack-cli@7.0.3...webpack-cli@7.1.0)

---
updated-dependencies:
- dependency-name: webpack-cli
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [eslint](https://github.com/eslint/eslint) from 10.5.0 to 10.6.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.5.0...v10.6.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 26.0.0 to 26.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
…op/axios-1.18.1

chore(deps): bump axios from 1.18.0 to 1.18.1
…op/webpack-cli-7.1.0

chore(deps-dev): bump webpack-cli from 7.0.3 to 7.1.0
…op/eslint-10.6.0

chore(deps-dev): bump eslint from 10.5.0 to 10.6.0
…op/types/node-26.0.1

chore(deps-dev): bump @types/node from 26.0.0 to 26.0.1
Bumps [webpack](https://github.com/webpack/webpack) from 5.107.2 to 5.108.3.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.107.2...v5.108.3)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.108.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…op/webpack-5.108.1

chore(deps-dev): bump webpack from 5.107.2 to 5.108.3
@FrancoStino FrancoStino self-assigned this Jun 30, 2026
@vercel

vercel Bot commented Jun 30, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
github-contribution-card Ready Ready Preview, Comment Jun 30, 2026 7:31am

@snyk-io

snyk-io Bot commented Jun 30, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: cf539dfd-8805-44fc-979c-8ea3a1991c7a

📥 Commits

Reviewing files that changed from the base of the PR and between 40d6c39 and 6cd4bfe.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json
📜 Recent review details
⏰ Context from checks skipped due to timeout. (2)
  • GitHub Check: cubic · AI code reviewer
  • GitHub Check: Greptile Review
🔇 Additional comments (2)
package.json (2)

27-27: LGTM!


42-53: 🩺 Stability & Availability

No change needed.


📝 Walkthrough

Summary by CodeRabbit

  • Chores
    • Updated several project dependencies and development tools to newer versions.
    • Included minor version bumps for networking, typing, linting, and build tooling packages.

Walkthrough

Six dependency version pins in package.json are incremented: axios from ^1.17.0 to ^1.18.1, and @types/node, eslint, ts-loader, webpack, and webpack-cli to their respective newer versions.

Changes

Dependency Version Bumps

Layer / File(s) Summary
Dependency version bumps
package.json
axios bumped to ^1.18.1; @types/node, eslint, ts-loader, webpack, and webpack-cli each incremented to newer versions.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A hop, a skip, versions anew,
axios leaps past 1.17 too,
webpack and eslint follow the trail,
ts-loader hops without fail.
🐇 All bumped up, fresh as morning dew!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title is too generic and does not describe the dependency update changes. Rename it to a concise summary like 'Update axios and build tooling dependencies'.
✅ Passed checks (4 passed)
Check name Status Explanation
Description check ✅ Passed The description matches the dependency and tooling version bumps in the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch develop
✨ Simplify code
  • Create PR with simplified code
  • Commit simplified code in branch develop

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Comment thread package.json
"devDependencies": {
"@types/express": "^5.0.6",
"@types/node": "^25.9.3",
"@types/node": "^26.0.1",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 @types/node crosses a major version boundary without a compile check

The bump from ^25.9.3 to ^26.0.1 is a full major-version jump in the Node type definitions. If any source file calls a Node.js API whose signature changed between @types/node v25 and v26 (e.g. renamed overloads in fs, stream, or http), TypeScript compilation will break silently from a reviewer's perspective because the project's test script is a no-op placeholder. Running yarn tsc --noEmit before merging would confirm compatibility.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Fix in Devin

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 2 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="package.json">

<violation number="1" location="package.json:42">
P2: `@types/node` crosses a major version boundary (v25 → v26) without a compile check. v26 includes breaking changes across many modules (crypto, fs, stream, child_process, buffer, http, etc.), removes deprecated interfaces, changes buffer input types, and requires TypeScript ≥5.6. Since the project's `test` script doesn't run `tsc`, type incompatibilities introduced by this bump won't be caught before merge. Consider running `yarn tsc --noEmit` to confirm compatibility.</violation>
</file>

Shadow auto-approve: would not auto-approve because issues were found.

Re-trigger cubic

Comment thread package.json
"devDependencies": {
"@types/express": "^5.0.6",
"@types/node": "^25.9.3",
"@types/node": "^26.0.1",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: @types/node crosses a major version boundary (v25 → v26) without a compile check. v26 includes breaking changes across many modules (crypto, fs, stream, child_process, buffer, http, etc.), removes deprecated interfaces, changes buffer input types, and requires TypeScript ≥5.6. Since the project's test script doesn't run tsc, type incompatibilities introduced by this bump won't be caught before merge. Consider running yarn tsc --noEmit to confirm compatibility.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At package.json, line 42:

<comment>`@types/node` crosses a major version boundary (v25 → v26) without a compile check. v26 includes breaking changes across many modules (crypto, fs, stream, child_process, buffer, http, etc.), removes deprecated interfaces, changes buffer input types, and requires TypeScript ≥5.6. Since the project's `test` script doesn't run `tsc`, type incompatibilities introduced by this bump won't be caught before merge. Consider running `yarn tsc --noEmit` to confirm compatibility.</comment>

<file context>
@@ -39,17 +39,17 @@
   "devDependencies": {
     "@types/express": "^5.0.6",
-    "@types/node": "^25.9.3",
+    "@types/node": "^26.0.1",
     "@vercel/node": "^5.8.17",
     "concurrently": "^10.0.3",
</file context>

@FrancoStino FrancoStino merged commit c6933e8 into main Jun 30, 2026
10 checks passed
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant