fix: Expo SDK 호환성 깨지는 패키지 dependabot 대상 추가 제외#21
Merged
Conversation
There was a problem hiding this comment.
Code Review
This pull request updates the Dependabot configuration in .github/dependabot.yml to ignore updates for react and react-dom, as well as major version updates for several other dependencies. The reviewer suggested also ignoring @types/react to prevent potential type mismatches and build failures since the main React packages are locked.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
yangeunjun00
previously approved these changes
Jul 6, 2026
g-hyxn
approved these changes
Jul 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
💡 배경 및 개요
Dependabot이 연 PR #13~#18 (react, react-dom, @sentry/react-native, tailwindcss, jest/@types/jest, eslint 업데이트)이 모두 CI(
verify)에서 실패했습니다. 원인을 확인해보니 전부 Expo SDK 57이 요구하는 고정 버전/peer 버전 범위를 벗어나는 업데이트였습니다.react/react-dom19.2.3 → 19.2.7: expo-doctor가 요구하는 정확한 버전(19.2.3)과 불일치,npm installpeer 충돌@sentry/react-native7.11.0 → 8.17.1 (major): expo-doctor major 버전 불일치tailwindcss3.4.19 → 4.3.2 (major): nativewind가 tailwind v3 기준이라 jest에서react-native-css-interop모듈 로드 실패jest/@types/jest(major):jest-expopreset이 신규 jest mocker API를 지원하지 않아 테스트 실패eslint9.39.4 → 10.6.0 (major):eslint-config-expo가 물고 있는 구버전eslint-plugin-react가 ESLint 10 context API 변경으로 깨짐이전에
expo*/react-native*를 dependabot 대상에서 제외한 것과 동일한 원인이라, dependabot 설정을 확장해 재발을 막습니다.📃 작업내용
react,react-dom을 dependabot 업데이트 대상에서 완전히 제외 (Expo SDK가 exact 버전을 요구)@sentry/react-native,tailwindcss,jest,@types/jest,eslint는 major 버전 업데이트만 제외 (minor/patch는 계속 받음)🙋♂️ 리뷰노트
major 업데이트만 막고 minor/patch는 계속 받도록 한 패키지(
@sentry/react-native,tailwindcss,jest,@types/jest,eslint)와, 아예 전부 제외한 패키지(react,react-dom)를 다르게 처리했습니다. 전자는 Expo SDK 내 다른 패키지들이 major 버전에만 민감하고, 후자는 SDK가 patch 단위까지 정확히 고정하기 때문입니다. 추후 Expo SDK를 업그레이드할 때 이 ignore 목록도 같이 재검토가 필요합니다.✅ PR 체크리스트
.env,노션,README)"API 개발 완료됐어요","환경값 추가되었어요")🎸 기타
닫힌 PR #13~#18에는 이 PR 머지 커밋을 참조하는 코멘트를 남겼습니다.