Merged
18 changes: 9 additions & 9 deletions package.json
Expand Up @@ -35,18 +35,18 @@
},
"devDependencies": {
"@playwright/test": "^1.60.0",
"@rsbuild/core": "^2.0.9",
"@rsbuild/core": "^2.0.14",
"@rsbuild/plugin-react": "^2.0.1",
"@rsbuild/plugin-type-check": "^1.3.5",
"@rslib/core": "^0.22.0",
"@rsbuild/plugin-type-check": "^1.4.0",
"@rslib/core": "^0.22.1",
"@rslint/core": "^0.6.1",
Comment on lines +38 to +42

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify that the Rsbuild-related package versions exist on npm registry.

for pkg_ver in "@rsbuild/core@2.0.14" "@rsbuild/plugin-type-check@1.4.0" "@rslib/core@0.22.1" "@rslint/core@0.6.1"; do
  echo "Checking $pkg_ver..."
  # ${pkg_ver%@*} is the package name; ${pkg_ver##*@} is the version (## strips through the last @, which scoped names need)
  curl -sL "https://registry.npmjs.org/${pkg_ver%@*}" | jq -e ".versions.\"${pkg_ver##*@}\"" > /dev/null
  if [ $? -eq 0 ]; then
    echo "$pkg_ver exists"
  else
    echo "$pkg_ver NOT FOUND"
  fi
done

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 360


🏁 Script executed:

#!/bin/bash
# Description: Check for security advisories on Rsbuild-related packages.

for pkg in "@rsbuild/core" "@rsbuild/plugin-type-check" "@rslib/core" "@rslint/core"; do
  echo "Checking advisories for $pkg..."
  gh api graphql -f query="
  {
    securityVulnerabilities(first: 5, ecosystem: NPM, package: \"$pkg\") {
      nodes {
        advisory {
          summary
          severity
          publishedAt
        }
        vulnerableVersionRange
        firstPatchedVersion {
          identifier
        }
      }
    }
  }" | jq '.data.securityVulnerabilities.nodes'
done

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 448


🏁 Script executed:

grep -A 5 '"@rsbuild/core"' package.json

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 475


🏁 Script executed:

#!/bin/bash
# Check what versions actually exist for these packages
for pkg in "@rsbuild/core" "@rsbuild/plugin-type-check" "@rslib/core" "@rslint/core"; do
  echo "=== Latest versions for $pkg ==="
  curl -sL "https://registry.npmjs.org/$pkg" | jq '.versions | keys[-5:]'
done

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 508


Fix non-existent package versions in devDependencies.

Verification reveals critical issues with pinned versions:

  • @rsbuild/core@2.0.14 does not exist on npm; latest available is 2.0.9
  • @rslib/core@0.22.1 does not exist on npm; latest available is 0.9.2 (verify this is the correct package)
  • @rsbuild/plugin-type-check@1.4.0 exists ✓
  • @rslint/core@0.6.1 exists ✓

Installation will fail with the non-existent versions. Downgrade @rsbuild/core to 2.0.9 and correct @rslib/core (verify the intended version and package name).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` around lines 38 - 42, Update the devDependencies in
package.json to use existing package versions. Downgrade `@rsbuild/core` from
^2.0.14 to ^2.0.9 since version 2.0.14 does not exist on npm. For `@rslib/core`,
verify the correct package name and intended version (the current version 0.22.1
does not exist; the latest available is 0.9.2), then update it to the correct
version. The other packages `@rsbuild/plugin-type-check` and `@rslint/core` are
correctly specified and require no changes.

"@types/node": "^24.12.4",
"@types/react": "^19.2.15",
"@types/node": "^24.13.2",
"@types/react": "^19.2.17",
Comment on lines +43 to +44

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify that the type definitions and formatter package versions exist on npm registry.

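for pkg_ver in "@types/node@24.13.2" "@types/react@19.2.17" "prettier@3.8.4"; do
  echo "Checking $pkg_ver..."
  # ${pkg_ver%@*} is the package name; ${pkg_ver##*@} is the version (## strips through the last @, which scoped names need)
  curl -sL "https://registry.npmjs.org/${pkg_ver%@*}" | jq -e ".versions.\"${pkg_ver##*@}\"" > /dev/null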
  if [ $? -eq 0 ]; then
    echo "$pkg_ver exists"
  else
    echo "$pkg_ver NOT FOUND"
  fi
done

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 261


🏁 Script executed:

#!/bin/bash
# Description: Check for security advisories on type definitions and formatter packages.

for pkg in "@types/node" "@types/react" "prettier"; do
  echo "Checking advisories for $pkg..."
  gh api graphql -f query="
  {
    securityVulnerabilities(first: 5, ecosystem: NPM, package: \"$pkg\") {
      nodes {
        advisory {
          summary
          severity
          publishedAt
        }
        vulnerableVersionRange
        firstPatchedVersion {
          identifier
        }
      }
    }
  }" | jq '.data.securityVulnerabilities.nodes'
done

Repository: rstackjs/rsbuild-plugin-source-build

Length of output: 345


@types/node@24.13.2 and @types/react@19.2.17 do not exist on the npm registry.

The version bumps for @types/node and @types/react reference versions that are not available. Verify the actual latest available versions for these packages and update accordingly. prettier@3.8.4 exists and is valid.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` around lines 43 - 44, The versions specified for `@types/node`
and `@types/react` in package.json do not exist on the npm registry. Look up the
actual latest available versions for both `@types/node` and `@types/react` packages
on npm, and update the version numbers in package.json lines 43-44 to match the
valid versions that are currently available. Verify the updated versions are
correct before committing.

"@types/react-dom": "^19.2.3",
"playwright": "^1.60.0",
"prettier": "^3.8.3",
"react": "^19.2.6",
"react-dom": "^19.2.6",
"prettier": "^3.8.4",
"react": "^19.2.7",
"react-dom": "^19.2.7",
"simple-git-hooks": "^2.13.1",
"typescript": "6.0.3"
},
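Review bot: no lockfile change accompanies the caret-range bumps in this devDependencies block (`@rsbuild/core`, `@rsbuild/plugin-type-check`, `@rslib/core`, `@types/node`, `@types/react`, `prettier`, `react`, `react-dom`); the diff shown here covers only package.json. With `^` ranges the version that actually installs is decided by the lockfile, so include the regenerated pnpm-lock.yaml in the same change and have CI install with `pnpm install --frozen-lockfile`. A range that does not resolve, or a lockfile that has drifted from these ranges, then fails the build instead of being resolved silently at install time.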
Expand All @@ -58,7 +58,7 @@
"optional": true
}
},
"packageManager": "pnpm@11.5.0",
"packageManager": "pnpm@11.6.0",
"publishConfig": {
"access": "public",
"registry": "https://registry.npmjs.org/"