Skip to content

INTER-2303 chore(deps): update all dependencies to latest supported versions#263

Merged
JuroUhlar merged 7 commits into
chore-upgrade-pnpmfrom
care/update-deps
Jul 13, 2026
Merged

INTER-2303 chore(deps): update all dependencies to latest supported versions#263
JuroUhlar merged 7 commits into
chore-upgrade-pnpmfrom
care/update-deps

Conversation

@JuroUhlar

@JuroUhlar JuroUhlar commented Jul 9, 2026

Copy link
Copy Markdown
Collaborator

Ecosystem care Q2/2027 dependency refresh. The root package has no runtime dependencies, so every bump is dev-only and the engines.node contract is unchanged (>=18.17.0).

  • devDependencies bumped to latest: vitest 3→4, lint-staged 15→17, rimraf 5→6, typedoc 0.27→0.28, @commitlint/cli 19→21, @changesets/cli, rollup + plugins, tslib, yaml, commitizen, and dotenv (example + functional-tests)
  • husky 9.1: prepare script husky installhusky; dropped the deprecated hook preamble
  • dropped tsxgenerate.mts now runs on native Node type-stripping
  • added the corepack packageManager integrity hash
  • GitHub Actions: checkout v4→v7, setup-node v4→v6, download-artifact v4→v8, pnpm/action-setup pinned to the v6.0.9 SHA; added Node 24 to the smoke matrix

Discussion point: TypeScript capped at 6.0, not 7

Latest is 7.0.2 but typescript-eslint (peer <6.1.0), typedoc and rollup-plugin-dts all cap at TS 6.0.x, so TS 7 would break type-aware lint, docs and .d.ts bundling at once. Pinned to ~6.0.3. Pushback welcome if we'd rather hold at 5.x instead.

Discussion point: @types/node pinned to ^18

Deliberately not latest (26) — pinned to the Node 18 engines floor so the build catches use of APIs missing on Node 18. Source typechecks clean against it.

No changeset

Dev-only changes, engines unchanged, and the regenerated src/generatedApiTypes.ts is byte-identical (openapi-typescript unchanged) — no consumer-facing change, so no release.

Follow-up: TS 6 deprecation bridge

Kept moduleResolution: "node" via ignoreDeprecations: "6.0". When we move to TS 7, this becomes moduleResolution: "node10" (identical resolver, current name).

JuroUhlar added 3 commits July 9, 2026 15:28
- actions/checkout v4 -> v7, actions/setup-node v4 -> v6, actions/download-artifact v4 -> v8
- pnpm/action-setup pinned to v6.0.9 commit SHA
- add Node 24 to the functional-test Node matrix
- typescript 5.4 -> 6.0 (capped below 7: typescript-eslint, typedoc and
  rollup-plugin-dts have no TS 7 support yet)
- @types/node pinned to ^18 to match the >=18.17.0 engines floor
- vitest & @vitest/coverage-v8 3 -> 4, lint-staged 15 -> 17, rimraf 5 -> 6,
  typedoc 0.27 -> 0.28, @commitlint/cli 19 -> 21, @changesets/cli, rollup,
  @rollup/plugin-typescript, rollup-plugin-dts, rollup-plugin-license, tslib,
  yaml, commitizen and dotenv (example + functional-tests) to latest
- husky 9.1: prepare script 'husky install' -> 'husky'; drop deprecated hook preamble
- drop tsx: run generate.mts via native Node type stripping
- add corepack packageManager integrity hash
- tsconfig: ignoreDeprecations '6.0' + explicit types:[node] required by TS 6
- test:dts: adapt tsc flags for TS 6; unit tests: toThrowError -> toThrow (vitest 4)
@changeset-bot

changeset-bot Bot commented Jul 9, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 9e9b662

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Coverage report

St.
Category Percentage Covered / Total
🟢 Statements
98.15% (-0.25% 🔻)
159/162
🟢 Branches
96.84% (-0.78% 🔻)
92/95
🟢 Functions 100% 35/35
🟢 Lines
98.11% (-0.28% 🔻)
156/159
Show files with reduced coverage 🔻
St.
File Statements Branches Functions Lines
🟢
... / unsealError.ts
100%
50% (-50% 🔻)
100% 100%
🟢 serverApiClient.ts
96.15% (-0.9% 🔻)
97.22% (+1.48% 🔼)
100%
96.15% (-0.9% 🔻)

Test suite run success

83 tests passing in 24 suites.

Report generated by 🧪jest coverage report action from 45c8f24

Show full coverage report
St File % Stmts % Branch % Funcs % Lines Uncovered Line #s
🟢 All files 98.14 96.84 100 98.11
🟢  src 98.43 98.66 100 98.41
🔴   ...edApiTypes.ts 0 0 0 0
🔴   index.ts 0 0 0 0
🟢   sealedResults.ts 100 100 100 100
🟢   ...rApiClient.ts 96.15 97.22 100 96.15 358,362
🟢   types.ts 100 100 100 100
🟢   urlUtils.ts 100 100 100 100
🟢   webhook.ts 100 100 100 100
🟢  src/errors 97.05 90 100 96.96
🟢   apiErrors.ts 100 100 100 100
🟢   ...orResponse.ts 100 100 100 100
🟢   toError.ts 87.5 88.88 100 87.5 21
🟢   unsealError.ts 100 50 100 100 10

JuroUhlar added 2 commits July 9, 2026 16:04
pnpm/action-setup v6 errors when both a 'version' input and a
packageManager field specify pnpm. Let the corepack packageManager
field be the single source of truth.
@JuroUhlar JuroUhlar changed the base branch from main to chore-upgrade-pnpm July 9, 2026 15:57
Resolve package.json/pnpm-lock.yaml conflicts: keep dep bumps from
care/update-deps, adopt base's eslint stack (eslint ^10,
typescript-eslint ^8, eslint-config-dx-team ^3.0.0), drop tsx.
Regenerated lockfile; typescript-eslint@8.63 resolves cleanly against
typescript@6.0.3.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR performs a broad dev-dependency/tooling refresh (Vitest, Husky, Rollup, TypeScript, etc.) while keeping the runtime/engines contract unchanged (node >=18.17.0) and updating CI workflows and local tooling to match.

Changes:

  • Updated TypeScript/Vitest and related tooling; adjusted configs and tests for compatibility.
  • Updated Husky setup (prepare script + hook preambles removed) and refreshed CI actions/matrix.
  • Bumped ancillary dev/test dependencies (dotenv in example/functional tests, rollup plugins, etc.).

Reviewed changes

Copilot reviewed 9 out of 11 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
tsconfig.json Adds TS 6 deprecation bridge and pins included global types to Node.
tests/unit-tests/sealedResults.spec.ts Updates Vitest assertion helpers to newer API (toThrowErrortoThrow).
tests/functional-tests/package.json Bumps dotenv for functional tests.
package.json Updates tooling dependencies, Husky prepare script, and switches generateTypes runner.
example/package.json Bumps dotenv for the example package.
.husky/pre-push Removes Husky v8-era preamble; retains custom push-protection logic.
.husky/pre-commit Removes Husky preamble; keeps lint-staged invocation.
.husky/commit-msg Removes Husky preamble; keeps commitlint invocation.
.github/workflows/functional_tests.yml Updates action versions and adds Node 24 to smoke matrix; updates pnpm setup pin.
.github/workflows/e2e-tests.yml Updates checkout action version.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .husky/pre-push Outdated
Comment thread package.json
husky v9 runs hooks via `sh -e`, ignoring the shebang. The bash-only
`[[ =~ ]]` matcher silently failed under a POSIX sh (dash on Linux/CI),
disabling the main-branch push guard. Replace it with a POSIX `case`.
@github-actions

Copy link
Copy Markdown
Contributor

🚀 Following releases will be created using changesets from this PR:

@fingerprint/node-sdk@7.5.0

Minor Changes

  • Separate Server API errors from other request errors and strongly type the error code.

    • Added ServerApiError (extends RequestError), thrown when the Server API returns a structured error response. It narrows errorCode to the strongly typed ErrorCode and exposes responseBody: ErrorResponse.
    • Exported the ErrorCode type (the union of error codes returned by the Fingerprint Server API).
    • TooManyRequestsError now extends ServerApiError.
    • RequestError remains the base class for request-level errors and is thrown directly for non–Server-API responses (for example, errors returned by an intermediate proxy). Its errorCode stays a free-form string (a best-effort placeholder derived from statusText), exactly as before.

    This is a backward-compatible change: structured Server API errors are now instances of ServerApiError (a subclass of RequestError). error instanceof RequestError checks keep working, and errorCode stays populated on every error. To get the strictly typed errorCode, narrow to ServerApiError (if (error instanceof ServerApiError) { error.errorCode }). (808c802)

Patch Changes

  • errors: Normalize caught values into real Error instances, so errors from unseal and JSON parsing always carry a genuine Error. (5764c11)
  • Throw a RequestError instead of a top-level SdkError when a Server API error response has a non-JSON body (e.g. an HTML error page from a proxy). (b16cb93)

@JuroUhlar JuroUhlar changed the title chore(deps): update all dependencies to latest supported versions INTER-2303 chore(deps): update all dependencies to latest supported versions Jul 13, 2026
@JuroUhlar JuroUhlar merged commit 6de6486 into chore-upgrade-pnpm Jul 13, 2026
18 checks passed
@JuroUhlar JuroUhlar deleted the care/update-deps branch July 13, 2026 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants