Skip to content

mono - chore: upgrade code quality dependencies#1669

Merged
jaredwray merged 1 commit into
mainfrom
claude/cacheable-dependency-management-d6gb1r
Jul 5, 2026
Merged

mono - chore: upgrade code quality dependencies#1669
jaredwray merged 1 commit into
mainfrom
claude/cacheable-dependency-management-d6gb1r

Conversation

@jaredwray

Copy link
Copy Markdown
Owner

Please check if the PR fulfills these requirements

  • Followed the Contributing guidelines and Code of Conduct
  • Tests for the changes have been added (for bug fixes/features) with 100% code coverage. — N/A: dependency-only upgrade with no source changes; existing suites still pass at 100% coverage where runnable in this environment.

What kind of change does this PR introduce?

Maintenance (chore) — upgrades the code-quality tooling group (test runner, linter/formatter, and fake-data generator) to their latest minimumReleaseAge-gated versions. No source or public-API changes. This is the first PR of a dependency-management pass (dev phase, one group per PR).

Versions

  • vitest ^4.1.5^4.1.9
  • @vitest/coverage-v8 ^4.1.5^4.1.9
  • @vitest/spy ^4.1.5^4.1.9
  • @biomejs/biome ^2.4.14^2.5.2
  • @faker-js/faker ^10.4.0^10.5.0 (root devDep and @cacheable/benchmark dependency, kept in lockstep so a single faker version is resolved)

Verification

  • pnpm build passes

  • pnpm test — every package passes at 100% coverage except 3 tests that reproduce identically on main (verified by re-running with the pre-upgrade lockfile) and are specific to this sandbox, not caused by this change:

    • cacheable-request › return with url and port — issues a real request to external mockhttp.org:8080, unreachable in this sandbox and so times out (the :80 variant of the same test passes).
    • file-entry-cache › should return a file descriptor with checksum and error and normalizeEntries() › should return all entries — both chmod 0o000 a file to force a read error, but the sandbox runs as root, which bypasses permission bits so no error is produced.

    All three pass on GitHub CI (non-root runner, full network).


Generated by Claude Code

Upgrade the code-quality tooling group to their latest minimumReleaseAge-gated
versions:

- vitest, @vitest/coverage-v8, @vitest/spy 4.1.5 -> 4.1.9
- @biomejs/biome 2.4.14 -> 2.5.2
- @faker-js/faker 10.4.0 -> 10.5.0 (root devDep and @cacheable/benchmark
  dependency, kept in lockstep)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01P1TBuMiXotBjpNHYcbwvqf
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Added@​vitest/​spy@​4.1.91001007398100
Addedvitest@​4.1.9981007998100
Added@​vitest/​coverage-v8@​4.1.9991007998100
Added@​faker-js/​faker@​10.5.01001001009180
Added@​biomejs/​biome@​2.5.210010010098100

View full report

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates several development and project dependencies across the workspace, including upgrading @biomejs/biome to 2.5.2, @faker-js/faker to 10.5.0, and vitest (along with its related packages) to 4.1.9. The pnpm-lock.yaml file has been updated accordingly to reflect these changes and clean up unused transitive dependencies. There are no review comments, and I have no additional feedback to provide.

@codecov

codecov Bot commented Jul 5, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (2d9ba73) to head (2993f67).

Additional details and impacted files
@@            Coverage Diff            @@
##              main     #1669   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           29        29           
  Lines         3504      3504           
  Branches       795       808   +13     
=========================================
  Hits          3504      3504           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@jaredwray jaredwray merged commit 52c60fc into main Jul 5, 2026
12 checks passed
@jaredwray jaredwray deleted the claude/cacheable-dependency-management-d6gb1r branch July 5, 2026 18:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants