chore: update npm packages to outdated wanted versions#1501
chore: update npm packages to outdated wanted versions#1501
Conversation
There was a problem hiding this comment.
Pull request overview
Updates selected npm dependencies (Angular build tooling, Angular ESLint, Storybook addons, TypeScript ESLint, and Node types) to newer “wanted” versions, reflected in both package.json and the generated package-lock.json.
Changes:
- Bump Angular CLI/build tooling packages to 21.2.5 and refresh lockfile transitive deps (e.g., devkit/core, picomatch).
- Update Angular ESLint packages to 21.3.1 and TypeScript ESLint packages to 8.58.0.
- Update Storybook addons (and related lockfile deps) to 10.3.3.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| package.json | Updates declared devDependency version ranges for Angular tooling, Angular ESLint, Storybook addons, Node typings, and TS ESLint. |
| package-lock.json | Regenerates the lockfile to reflect the bumped versions and their updated dependency graphs. |
| "@storybook/addon-docs": "^10.3.3", | ||
| "@storybook/addon-links": "^10.3.3", | ||
| "@storybook/angular": "^10.2.10", | ||
| "@types/jasmine": "4.3.0", |
There was a problem hiding this comment.
Storybook packages are now a mix of declared versions: addon-docs/addon-links/eslint-plugin-storybook are bumped to 10.3.3, but @storybook/angular is still declared as ^10.2.10 (and storybook itself is still ^10.2.10 later in this file). Since the lockfile is already resolving Storybook to 10.3.3, it would be clearer and reduce re-lock/peer-dep drift to bump @storybook/angular and storybook to ^10.3.3 as well (keeping the Storybook suite on the same patch).
| "devDependencies": { | ||
| "@angular-devkit/build-angular": "^21.2.4", | ||
| "@angular-devkit/build-angular": "^21.2.5", | ||
| "@angular-eslint/builder": "^21.3.0", |
There was a problem hiding this comment.
@angular-eslint/builder is still declared as ^21.3.0 while the other @angular-eslint packages were bumped to ^21.3.1 (and the lockfile resolves builder to 21.3.1). Consider bumping @angular-eslint/builder to ^21.3.1 too so the Angular ESLint toolchain is version-aligned.
| "@angular-eslint/builder": "^21.3.0", | |
| "@angular-eslint/builder": "^21.3.1", |
| "@angular-devkit/build-angular": "^21.2.5", | ||
| "@angular-eslint/builder": "^21.3.0", | ||
| "@angular-eslint/eslint-plugin": "^21.3.0", | ||
| "@angular-eslint/eslint-plugin-template": "^21.3.0", | ||
| "@angular-eslint/template-parser": "^21.3.0", | ||
| "@angular/build": "^21.2.4", | ||
| "@angular/cli": "^21.2.4", | ||
| "@angular-eslint/eslint-plugin": "^21.3.1", | ||
| "@angular-eslint/eslint-plugin-template": "^21.3.1", | ||
| "@angular-eslint/template-parser": "^21.3.1", | ||
| "@angular/build": "^21.2.5", | ||
| "@angular/cli": "^21.2.5", |
There was a problem hiding this comment.
Angular tooling versions are now out of sync with each other and with the already-installed Angular framework patch level: @angular-devkit/build-angular/@angular/build/@angular/cli are bumped to 21.2.5, but package.json still pins @angular-devkit/architect (0.2102.4) and @angular-devkit/core (21.2.4) in dependencies, while most @angular/* packages are 21.2.6. This mismatch is causing multiple copies of @angular-devkit/* in the lockfile and can lead to subtle toolchain incompatibilities; align these versions (or move/remove the devkit packages from runtime dependencies if they’re not needed at runtime).
For code author
What does this PR do?
Why do we want to do that?
What are the high level changes?
What other information should the reviewer be aware of when looking at this code?
Checklist