chore: bump all (dev)Dependencies #17

JounQin · 2025-06-04T10:34:42Z

Important

Bump various dependencies and GitHub Actions versions to ensure the latest updates are used.

Dependencies:
- Bump stable-hash to ^0.0.6 in dependencies.
- Update multiple devDependencies in package.json, including @1stg/common-config, @eslint-react/eslint-plugin, @shikijs/rehype, @types/node, @vitejs/plugin-react-swc, @vitest/coverage-v8, eslint, react-router-dom, stylelint, unrs-resolver, and vitest.
GitHub Actions:
- Update actions/checkout to v4.2.2 in all workflows.
- Update pkg-size/action to v1.1.1 in pkg-size.yml.
- Update andresz1/size-limit-action to v1.8.0 in size-limit.yml.

^{This description was created by}^{for 09e1a5b. You can customize this summary. It will automatically update as commits are pushed.}

Summary by CodeRabbit

Chores
- Updated GitHub Actions workflows to use more specific and up-to-date versions of actions for improved reliability.
- Upgraded multiple dependencies and development tools to their latest patch or minor versions for enhanced stability and compatibility.

changeset-bot · 2025-06-04T10:34:46Z

🦋 Changeset detected

Latest commit: 69bee6a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
eslint-import-context	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

coderabbitai · 2025-06-04T10:34:49Z

Walkthrough

This update revises several GitHub Actions workflow files to use more specific version tags for actions, particularly actions/checkout, and bumps a range of dependencies and devDependencies in package.json to newer versions. No changes were made to workflow logic or exported/public entities.

Changes

Files/Groups	Change Summary
.github/workflows/autofix.yml .github/workflows/ci.yml .github/workflows/pkg-pr-new.yml .github/workflows/release.yml .github/workflows/vercel.yml	Updated `actions/checkout` version tag from `v4` to `v4.2.2` (commit SHA unchanged).
.github/workflows/pkg-size.yml	Updated `actions/checkout` (`v4` → `v4.2.2`) and `pkg-size/action` (`v1` → `v1.1.1`).
.github/workflows/size-limit.yml	Updated `actions/checkout` (`v4` → `v4.2.2`) and `andresz1/size-limit-action` (`v1` → `v1.8.0`).
package.json	Bumped multiple dependencies and devDependencies to newer versions.
.changeset/selfish-llamas-camp.md	Added patch update for `stable-hash` dependency to version `0.0.6`.

Poem

A rabbit hopped through workflows bright,
Updating tags to versions right.
Dependencies got a shiny new coat,
Each package now more up-to-note.
CI and Vercel, all in tune—
This code will hop to the moon!
🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 09e1a5b and 69bee6a.

📒 Files selected for processing (1)

.changeset/selfish-llamas-camp.md (1 hunks)

✅ Files skipped from review due to trivial changes (1)

.changeset/selfish-llamas-camp.md

⏰ Context from checks skipped due to timeout of 90000ms (14)

GitHub Check: Lint and Test with Node.js 24 on windows-latest
GitHub Check: Lint and Test with Node.js 24 on ubuntu-latest
GitHub Check: Lint and Test with Node.js 22 on windows-latest
GitHub Check: Lint and Test with Node.js 22 on ubuntu-latest
GitHub Check: Lint and Test with Node.js 20 on ubuntu-latest
GitHub Check: Lint and Test with Node.js 24 on macos-latest
GitHub Check: Lint and Test with Node.js 18 on ubuntu-latest
GitHub Check: Lint and Test with Node.js 18 on windows-latest
GitHub Check: Lint and Test with Node.js 20 on windows-latest
GitHub Check: Lint and Test with Node.js 20 on macos-latest
GitHub Check: Lint and Test with Node.js 18 on macos-latest
GitHub Check: Lint and Test with Node.js 22 on macos-latest
GitHub Check: Lint and Test with Node.js 22 on windows-latest
GitHub Check: Lint and Test with Node.js 18 on windows-latest

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Explain this complex logic.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai explain this code block.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and explain its main purpose.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate docstrings to generate docstrings for this PR.
@coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

codesandbox-ci · 2025-06-04T10:35:10Z

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

pkg-pr-new · 2025-06-04T10:35:28Z

Open in StackBlitz

npm i https://pkg.pr.new/eslint-import-context@17

commit: 671151e

github-actions · 2025-06-04T10:35:38Z

size-limit report 📦

Path	Size
src/index.ts	184 B (0%)

codecov · 2025-06-04T10:35:44Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (51e5c82) to head (69bee6a).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main       #17   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            3         3           
  Lines           53        53           
  Branches        16        16           
=========================================
  Hits            53        53

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-actions · 2025-06-04T10:35:44Z

📊 Package size report `No changes`

File	Before	After
Total _{(Includes all files)}	`20.6 kB`	`20.6 kB`
Tarball size	`6.6 kB`	^-0.06%↓`6.6 kB`

Unchanged files

File	Size
`lib/index.d.ts`	`351 B`
`lib/index.js`	`1.2 kB`
`lib/index.js.map`	`452 B`
`lib/types.d.ts`	`4.6 kB`
`lib/types.js`	`110 B`
`lib/types.js.map`	`102 B`
`lib/utils.d.ts`	`741 B`
`lib/utils.js`	`2.0 kB`
`lib/utils.js.map`	`1.4 kB`
`LICENSE`	`1.1 kB`
`package.json`	`3.5 kB`
`README.md`	`5.0 kB`

_{🤖 This report was automatically generated by pkg-size-action}

socket-security · 2025-06-04T10:35:59Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Quality	Maintenance
	@unrs/resolver-binding-darwin-arm64@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-freebsd-x64@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-arm-gnueabihf@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-arm-musleabihf@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-arm64-gnu@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-arm64-musl@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-ppc64-gnu@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-s390x-gnu@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-x64-gnu@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-x64-musl@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-win32-arm64-msvc@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-win32-ia32-msvc@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-win32-x64-msvc@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-darwin-x64@1.7.2 ⏵ 1.7.9			⁺⁶
	@unrs/resolver-binding-linux-riscv64-gnu@1.7.2 ⏵ 1.7.9			⁺⁷
	@unrs/resolver-binding-linux-riscv64-musl@1.7.2 ⏵ 1.7.9			⁺⁹
	is-negative-zero@2.0.3
	array-includes@3.1.8 ⏵ 3.1.9
	@pkgr/utils@3.1.2 ⏵ 4.0.0
	@1stg/commitlint-config@5.0.6 ⏵ 5.1.0	⁺¹		⁺³
	@unrs/resolver-binding-wasm32-wasi@1.7.2 ⏵ 1.7.9	⁺¹	⁺¹	⁺⁶
See 51 more rows in the dashboard

View full report

ellipsis-dev

Important

Looks good to me! 👍

Reviewed everything up to 09e1a5b in 1 minute and 16 seconds. Click for details.

Reviewed 180 lines of code in 8 files
Skipped 1 files when reviewing.
Skipped posting 8 draft comments. View those below.
Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. .github/workflows/autofix.yml:19

Draft comment:
Updated checkout action reference to v4.2.2 for consistency. Confirm this intentional update.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to confirm their intention regarding a version update, which violates the rule against asking for confirmation of intention. It does not provide a specific code suggestion or highlight a potential issue with the change.

2. .github/workflows/ci.yml:29

Draft comment:
Checkout action updated to v4.2.2. Ensure uniform versioning across workflows.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is related to a dependency version change, which is not allowed according to the rules. It suggests ensuring uniform versioning, which is a general suggestion and not a specific code suggestion.

3. .github/workflows/pkg-pr-new.yml:17

Draft comment:
Checkout action is updated to v4.2.2. Confirm consistency with other workflows.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to confirm consistency with other workflows, which is similar to asking them to double-check something. This violates the rule against asking the author to confirm or ensure things. The comment does not provide a specific suggestion or point out a specific issue with the code.

4. .github/workflows/pkg-size.yml:20

Draft comment:
Bumped pkg-size/action to v1.1.1; review its changelog to check for any breaking changes.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is about a dependency change and suggests reviewing the changelog for breaking changes. It violates the rule against commenting on dependency changes or asking the author to double-check things.

5. .github/workflows/release.yml:23

Draft comment:
Checkout action updated to v4.2.2; version alignment appears correct.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is purely informative and does not provide any actionable feedback or suggestions. It simply states that the version alignment appears correct, which is not necessary for the PR author to know.

6. .github/workflows/size-limit.yml:28

Draft comment:
Updated size-limit-action to v1.8.0. Verify that the new version remains compatible with the current setup.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to verify compatibility of a dependency update, which is against the rules. It doesn't provide a specific suggestion or point out a specific issue.

7. .github/workflows/vercel.yml:17

Draft comment:
Updated checkout action to v4.2.2 in the Vercel deployment workflow.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is purely informative, as it only states that a version update was made in the workflow. It doesn't provide any actionable feedback or suggestions.

8. package.json:55

Draft comment:
Multiple dependency version bumps (e.g. stable-hash, @1stG packages, eslint, etc.). Ensure that the updated versions are compatible and the lockfile is updated accordingly.
Reason this comment was not posted:
Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to ensure compatibility and update the lockfile, which falls under the rule of not asking the author to double-check or ensure things. It also relates to dependency changes, which should not be commented on unless there's a specific issue identified.

Workflow ID: wflow_48IfCD0hmCazZy5y

^{You can customize}^{by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

github-actions · 2025-06-04T10:36:06Z

Deploy preview for eslint-import-context ready!

✅ Preview
https://eslint-import-context-rj3s856cl-1stg.vercel.app

Built with commit 69bee6a.
This pull request is being automatically deployed with vercel-action

Copilot

Pull Request Overview

This PR updates various dependency versions in package.json and refreshes GitHub Action references across CI/workflow files.

Bump stable-hash and multiple devDependencies to their latest minor/patch versions
Update actions/checkout, size-limit-action, and pkg-size/action references in workflow YAMLs
Align comments with updated action versions where applicable

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
package.json	Upgraded dependency and devDependency versions
.github/workflows/vercel.yml	Updated `actions/checkout` comment to v4.2.2
.github/workflows/size-limit.yml	Updated `actions/checkout` and `size-limit-action` versions
.github/workflows/release.yml	Updated `actions/checkout` comment to v4.2.2
.github/workflows/pkg-size.yml	Updated `actions/checkout` and `pkg-size/action` versions
.github/workflows/pkg-pr-new.yml	Updated `actions/checkout` comment to v4.2.2
.github/workflows/ci.yml	Updated `actions/checkout` comment to v4.2.2
.github/workflows/autofix.yml	Updated `actions/checkout` comment to v4.2.2

Comments suppressed due to low confidence (2)

.github/workflows/vercel.yml:17

The SHA for actions/checkout remains unchanged from v4; the comment indicates v4.2.2 but still points to the original commit. Consider updating the action reference to the correct commit SHA for v4.2.2 or revert the comment to match the pinned version.

      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

coderabbitai

Actionable comments posted: 0

🧹 Nitpick comments (1)

package.json (1)

57-101: Bulk bump of devDependencies
All devDependencies have been upgraded to newer minor/patch versions. Ensure there are no breaking changes, run the full test suite, and regenerate the lockfile (yarn install) to lock in these updates.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 51e5c82 and 09e1a5b.

⛔ Files ignored due to path filters (1)

yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (8)

.github/workflows/autofix.yml (1 hunks)
.github/workflows/ci.yml (1 hunks)
.github/workflows/pkg-pr-new.yml (2 hunks)
.github/workflows/pkg-size.yml (1 hunks)
.github/workflows/release.yml (1 hunks)
.github/workflows/size-limit.yml (2 hunks)
.github/workflows/vercel.yml (1 hunks)
package.json (2 hunks)

🔇 Additional comments (10)

.github/workflows/release.yml (1)

23-23: Pin checkout action to specific version
Using a commit SHA for actions/checkout with a clear v4.2.2 comment enhances workflow stability by freezing the exact action version.

.github/workflows/pkg-pr-new.yml (1)

17-17: Pin checkout action to specific version
Consistent with other workflows, actions/checkout is now pinned to the same SHA and version comment (v4.2.2), improving reproducibility.

.github/workflows/autofix.yml (1)

19-19: Pin checkout action to specific version
Bumping actions/checkout to the precise commit SHA (with v4.2.2 comment) aligns with the repository’s reproducibility guidelines.

.github/workflows/vercel.yml (1)

17-17: Pin checkout action to specific version
Updating actions/checkout here ensures all workflows reference the same SHA and version tag (v4.2.2) for consistency.

.github/workflows/ci.yml (1)

29-29: Pin checkout action to specific version
The CI workflow now uses the exact actions/checkout SHA with a v4.2.2 comment, matching other workflows for consistency.

.github/workflows/size-limit.yml (2)

16-16: Pin actions/checkout to a specific patch release
Updating from v4 to v4.2.2 improves reproducibility and guards against unexpected breaking changes in minor updates.

28-28: Bump andresz1/size-limit-action to v1.8.0
Aligns with other workflows and ensures you’re using the latest features and fixes.

.github/workflows/pkg-size.yml (2)

17-17: Pin actions/checkout to v4.2.2
Consistent with other workflows for stability and traceability.

20-20: Upgrade pkg-size/action to v1.1.1
Keeps package size reporting action up-to-date without altering workflow logic.

package.json (1)

53-56: Patch bump stable-hash → ^0.0.6
A non-breaking patch bump—looks good.

Signed-off-by: JounQin <admin@1stg.me>

chore: bump all (dev)Dependencies

09e1a5b

JounQin self-assigned this Jun 4, 2025

Copilot AI review requested due to automatic review settings June 4, 2025 10:34

JounQin added the dependencies label Jun 4, 2025

ellipsis-dev bot reviewed Jun 4, 2025

View reviewed changes

Copilot AI reviewed Jun 4, 2025

View reviewed changes

coderabbitai bot reviewed Jun 4, 2025

View reviewed changes

Create selfish-llamas-camp.md

69bee6a

Signed-off-by: JounQin <admin@1stg.me>

JounQin merged commit b610b6c into main Jun 4, 2025
40 checks passed

JounQin deleted the chore/deps branch June 4, 2025 10:45

github-actions bot mentioned this pull request Jun 4, 2025

chore: release eslint-import-context #18

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore: bump all (dev)Dependencies #17

chore: bump all (dev)Dependencies #17

Uh oh!

Uh oh!

Uh oh!

Chat

Support

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (`.coderabbit.yaml`)

Documentation and Community

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

chore: bump all (dev)Dependencies #17

chore: bump all (dev)Dependencies #17

Uh oh!

Conversation

Uh oh!

Summary by CodeRabbit

Uh oh!

Uh oh!

🦋 Changeset detected

Uh oh!

Uh oh!

Walkthrough

Changes

Poem

Chat

Support

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (.coderabbit.yaml)

Documentation and Community

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

size-limit report 📦

Uh oh!

Uh oh!

Codecov Report

Uh oh!

Uh oh!

📊 Package size report No changes

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Pull Request Overview

Reviewed Changes

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

CodeRabbit Configuration File (`.coderabbit.yaml`)

📊 Package size report `No changes`