deps: update dependencies#161
Conversation
ehrelevant
left a comment
There was a problem hiding this comment.
Hello, thank you so much for the PR!
Could you kindly edit in a PR description of what was changed here and the reason for the changes? Specifically, asking about the addition of cookies to overrides in pnpm-workspace.yaml. Additionally, it may be better to change the PR title to something more appropriate, like deps: update dependencies, since I don't seem to see what makes the updates to pnpm-workspace.yaml notable.
Anyways, from what I can see, this is a PR focused on updating the dependencies. In that case, you may want to run pnpm outdated to see the outdated packages, as our current package.json setup makes it so that pnpm update only changes the minor version, but not the major version (See Semantic Versioning).
As far as I know, updating most of these in pnpm outdated simply involves changing the versions in package.json (e.g., "globals": "^16.5.0" => "globals": "^17.6.0"). However, there are a couple of packages (mainly, eslint and vite) that will require some more deliberate and manual work to figure out, since migrating major versions always means dealing with breaking changes and deprecations.
Lastly, as much as possible, please make sure that the formatting (pnpm fmt:fix) and linting (pnpm lint) checks pass before committing.
ehrelevant
left a comment
There was a problem hiding this comment.
I'd still like to follow up on bumping the major versions of the website's dependencies, as can be seen from the output of pnpm outdated. In particular, please migrate the code from Eslint 9 to Eslint 10 and Vite 7 to Vite 8. As mentioned, doing this will definitely involve some tinkering to fix/replace deprecated parts of the codebase, where you will likely need these relevant pieces of migration documentation for Eslint and Vite.
package.jsonto ESLint 10, Vite 8, and compatible related packages so the site works with the newer major releases.eslint.config.jsto disable rules that became noisy or incompatible under ESLint 10, keeping linting aligned with the current codebase.ImageCarousel.sveltebecause the rule no longer applies.project.tsandindex.ts withstring[]` since the newer package no longer exports that type.cookiepackage to resolve vulnerability found duringpnpm audit.