Skip to content

chore(webui): Bump react-syntax-highlighter and vite to their latest patch versions. #1328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

chore(webui): Bump react-syntax-highlighter and vite to their latest patch versions. #1328

wants to merge 3 commits into from

Conversation

hoophalab
Copy link
Contributor

@hoophalab hoophalab commented Sep 24, 2025
edited by coderabbitai bot
Loading

Description

This PR bump react-syntax-highlighter and vite to their latest patch versions.
This resolves dependabot security alerts.

Checklist

  • The PR satisfies the contribution guidelines.
  • This is a breaking change and that has been indicated in the PR title, OR this isn't a
    breaking change.
  • Necessary docs have been updated, OR no docs need to be updated.

Validation performed

  1. client builds
  2. syntax highlighter looks the same as before
  3. search works

Summary by CodeRabbit

  • New Features
    • No user-facing features added.
  • Bug Fixes
    • No direct bug fixes included.
  • Chores
    • Updated dependencies to latest patch versions for stability and build reliability:
      • react-syntax-highlighter to 15.6.6
      • Vite to 6.3.6
    • No changes to public APIs or application behaviour.
    • Routine maintenance to keep the tooling current and reduce potential vulnerabilities.

@hoophalab hoophalab requested a review from a team as a code owner September 24, 2025 19:06
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 24, 2025
edited
Loading

Walkthrough

Updated two dependencies in components/webui/client/package.json: react-syntax-highlighter from ^15.6.1 to ^15.6.6 and vite from ^6.3.5 to ^6.3.6. No source code or API changes.

Changes

Cohort / File(s) Summary
Dependency version bumps
components/webui/client/package.json		 Updated react-syntax-highlighter to ^15.6.6 and vite to ^6.3.6

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title clearly describes the primary change by specifying the chore scope, the targeted webui component, and the two dependencies being bumped to newer patch versions.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b3abc50 and 14f3686.

⛔ Files ignored due to path filters (1)
  • components/webui/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • components/webui/client/package.json (2 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-04-08T22:32:05.366Z 
Learnt from: davemarco
PR: y-scope/clp#797
File: components/log-viewer-webui/client/src/components/Layout/MainLayout.tsx:2-5
Timestamp: 2025-04-08T22:32:05.366Z
Learning: In this codebase using React Router v7.4.1, components should be imported directly from "react-router" (e.g., `import { Link, Outlet } from "react-router";`) rather than from "react-router-dom" as was common in previous versions of React Router.

Applied to files:

  • components/webui/client/package.json
🔇 Additional comments (2)
components/webui/client/package.json (2)

39-39: Approve patch bump; lockfile is in sync

  • Lockfile reflects [email protected] and @types/[email protected]
  • Run TS type-check to ensure @types<15.5.x> covers the v15.6.x API
  • Update PR title/description to state this is a patch bump, not a minor upgrade

51-51: Vite patch bump LGTM; verify client lockfile & PR text

  • client lockfile (components/webui/client/package-lock.json or yarn.lock) must include [email protected]
  • PR description says “minor” but this is a patch bump

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@hoophalab hoophalab changed the title chore(webui): Bump react-syntax-highlighter and vite to their latest minor versions. chore(webui): Bump react-syntax-highlighter and vite to their latest patch versions. Sep 24, 2025
junhaoliao
junhaoliao reviewed Sep 24, 2025
View reviewed changes
Copy link
Member

@junhaoliao junhaoliao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it a good time for us to bump all dependencies in all workspaces in the webui?

@hoophalab
Copy link
Contributor Author

is it a good time for us to bump all dependencies in all workspaces in the webui?

do we have plan to bump typescript version in eslint config yscope?

@junhaoliao
Copy link
Member

is it a good time for us to bump all dependencies in all workspaces in the webui?

do we have plan to bump typescript version in eslint config yscope?

we should. if you want to, you can upgrade the version inside eslint-config-yscope and see if there're any new rules that should be configured / applied. i can do that do, assuming i'll be available by the end of the coming week

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@junhaoliao junhaoliao junhaoliao left review comments

@davemarco davemarco Awaiting requested review from davemarco

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hoophalab @junhaoliao