fix(deps): update all non-major dependencies#1331
Conversation
|
|
renovate
Bot
force-pushed
the
renovate/all-minor-patch
branch
15 times, most recently
from
8ded137 to
da99432
Compare
renovate
Bot
force-pushed
the
renovate/all-minor-patch
branch
11 times, most recently
from
a89f41b to
69acf42
Compare
renovate
Bot
force-pushed
the
renovate/all-minor-patch
branch
3 times, most recently
from
6c2fc42 to
e277b13
Compare
![pkuhpc-review-bot[bot]](https://avatars.githubusercontent.com/in/631823?s=60&v=4){kind=small}
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
Docker基础镜像从alpine 3.20升级到3.21,这个更新比较合理,因为3.21修复了一些安全漏洞。
建议继续关注后续的alpine版本更新以确保安全性。
| FROM alpine:3.21 | |
| FROM alpine:3.21 |
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.0" | ||
| }, |
There was a problem hiding this comment.
Node.js版本从20.15.0更新到20.19.0,这个更新包含了重要的安全修复和性能改进。
建议在升级后测试确认没有兼容性问题。
| }, | |
| "node": "20.19.0" |
| "node": "20.19.0" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本从9.4.0更新到9.15.9,这是个大跨度更新。
建议测试确认新版本没有引入任何包管理相关的问题。
| "packageManager": "pnpm@9.15.9", | |
| "packageManager": "pnpm@9.15.9" |
There was a problem hiding this comment.
本次代码变更新主要包括以下几个方面:
- 更新了多个workflow文件中的pnpm/action-setup版本从v4.0.0升级到v4.1.0
- 升级了多个package.json中的依赖版本,包括@grpc/grpc-js、@ant-design相关组件、next.js、typescript等核心依赖
- 更新了Dockerfile中的基础镜像从alpine:3.20升级到alpine:3.21
- 统一升级了多个库的内部依赖版本,保持workspace:*依赖的一致性
- 更新了Node.js版本从20.15.0升级到20.19.0
- 更新了pnpm版本从9.4.0升级到9.15.9
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
基础镜像从alpine:3.20升级到alpine:3.21,需要注意新版本是否与现有环境兼容,特别是系统库的ABI兼容性。
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.0" | ||
| }, |
There was a problem hiding this comment.
Node.js版本从20.15.0升级到20.19.0,需要注意CI/CD环境和新版本在生产环境的兼容性问题。
| "node": "20.19.0" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,跨度较大,需要注意lockfile格式变化和安装行为的潜在变化。
| "@ddadaal/tsgrpc-client": "0.17.8", | ||
| "@ddadaal/tsgrpc-common": "0.2.6", | ||
| "@grpc/grpc-js": "1.13.3", | ||
| "@kubernetes/client-node": "^0.22.0", |
There was a problem hiding this comment.
@kubernetes/client-node从^0.21.0升级到^0.22.0,需要注意API有无破坏性变更,特别是与集群交互的部分。
| }, | ||
| "peerDependencies": { | ||
| "monaco-editor": "0.50.0" | ||
| "monaco-editor": "0.52.2" |
There was a problem hiding this comment.
monaco-editor从0.50.0升级到0.52.2,需要注意编辑器API和功能的兼容性问题。
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
基础镜像从Alpine 3.20升级到3.21,建议确认所有应用的兼容性和稳定性
| FROM alpine:3.21 | |
| 建议在升级后进行全面测试 |
| "node": "20.19.0" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,这是较大的版本跳跃,建议验证新版本下的构建和依赖解析是否正常
| "packageManager": "pnpm@9.15.9", | |
| 建议逐步升级并测试 |
| "@ant-design/icons": "5.6.1", | ||
| "@ddadaal/tsgrpc-client": "0.17.8", | ||
| "@ddadaal/tsgrpc-common": "0.2.6", | ||
| "@grpc/grpc-js": "1.13.3", |
There was a problem hiding this comment.
@grpc/grpc-js从1.10.9升级到1.13.3,涉及gRPC协议的改动,建议测试相关功能
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
pnpm/action-setup从v4.0.0升级到v4.1.0,这是一个依赖项的升级。
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
pnpm/action-setup从v4.0.0升级到v4.1.0,这是一个依赖项的升级。
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
pnpm/action-setup从v4.0.0升级到v4.1.0,这是一个依赖项的升级。
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
基础镜像从alpine:3.20升级到alpine:3.21,这是一个镜像版本的升级。
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.1" | ||
| }, |
There was a problem hiding this comment.
Node.js版本从20.15.0升级到20.19.1,请注意测试新版本的兼容性。
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", | ||
| "pnpm": { |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,请注意测试新版本的兼容性。
There was a problem hiding this comment.
本次代码变更主要包括以下内容:
- 升级了多个 GitHub Actions 工作流中的 pnpm/action-setup 版本从 v4.0.0 到 v4.1.0
- 更新了大量依赖包的版本号,包括前端框架(Next.js, antd)、TypeScript 相关库(@sinclair/typebox)、后端框架(@grpc/grpc-js)、数据库 ORM(@mikro-orm)、各种工具库(dayjs, dotenv等)
- 将 Docker 基础镜像从 alpine:3.20 升级到 alpine:3.21
- 更新了主项目的开发依赖版本,包括 Node.js 版本从 20.15.0 升级到 20.19.1
- 将 PNPM 版本从 9.4.0 更新到 9.15.9
| "prism-react-renderer": "2.2.0", | ||
| "react": "18.2.0", | ||
| "react-dom": "18.2.0", | ||
| "@easyops-cn/docusaurus-search-local": "0.44.2", |
There was a problem hiding this comment.
@easyops-cn/docusaurus-search-local 升级到 0.49.2 时需注意,这个版本可能有一些 breaking changes,建议检查文档搜索功能是否正常。
| }, | ||
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.1" |
There was a problem hiding this comment.
husky 升级到 9.1.7 可能会有 hooks 运行方式的改变,建议检查 git hooks 是否仍然正常工作。
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
基础镜像从 alpine 3.20 升级到 3.21,需要测试 SSH 服务是否仍然正常运行,特别是与新的基础镜像的兼容性。
| "node": "20.19.1" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
PNPM 版本从 9.4.0 升级到 9.15.9 是较大的版本跨度,建议先测试安装和构建过程,确保没有兼容性问题。
| "@types/nprogress": "0.2.3", | ||
| "@types/react": "18.3.3", | ||
| "@types/react-dom": "18.3.0", | ||
| "@types/react": "18.3.20", |
There was a problem hiding this comment.
@testing-library/react 从 16.0.0 升级到 16.3.0,需要注意测试用例是否需要调整,特别是关于渲染和事件处理相关的部分。
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
将 pnpm/action-setup 从 v4.0.0 升级到 v4.1.0
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
将 pnpm/action-setup 从 v4.0.0 升级到 v4.1.0
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
将 pnpm/action-setup 从 v4.0.0 升级到 v4.1.0
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 |
There was a problem hiding this comment.
将 pnpm/action-setup 从 v4.0.0 升级到 v4.1.0
| }, | ||
| "dependencies": { | ||
| "@ant-design/cssinjs": "1.21.0", | ||
| "@ant-design/icons": "5.3.7", |
There was a problem hiding this comment.
将 @ant-design/cssinjs 从 1.21.0 升级到 1.23.0
| "dependencies": { | ||
| "@ant-design/cssinjs": "1.21.0", | ||
| "@ant-design/icons": "5.3.7", | ||
| "@ddadaal/tsgrpc-client": "0.17.7", |
There was a problem hiding this comment.
将 @ant-design/icons 从 5.3.7 升级到 5.6.1
| "@ant-design/cssinjs": "1.21.0", | ||
| "@ant-design/icons": "5.3.7", | ||
| "@ddadaal/tsgrpc-client": "0.17.7", | ||
| "@ddadaal/tsgrpc-common": "0.2.5", |
There was a problem hiding this comment.
将 @ddadaal/tsgrpc-client 从 0.17.7 升级到 0.17.8
There was a problem hiding this comment.
这个PR主要包含以下变更:
- 更新了多个GitHub Actions工作流中使用的pnpm/action-setup版本从v4.0.0到v4.1.0
- 更新了多个Docker镜像和依赖库的版本,包括从Alpine 3.20升级到3.21
- 更新了项目中大量NPM包的版本,主要涉及安全补丁和功能更新
- 更新了Node.js版本从20.15.0到20.19.2
- 更新了pnpm版本从9.4.0到9.15.9
- 更新了多个@ant-design相关包的版本
- 更新了多个@ddadaal/tsgrpc相关包的版本
- 更新了多个@mikro-orm相关包的版本
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
Alpine镜像版本升级到3.21,请确认所有依赖包兼容新版本。建议在升级前进行充分测试。
| "node": "20.19.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本有较大跨度升级,从9.4.0到9.15.9,可能会有不兼容变更。建议先检查变更日志和测试构建过程是否正常。
| ] | ||
| }, | ||
| "dependencies": { | ||
| "@ant-design/cssinjs": "1.21.0", |
There was a problem hiding this comment.
更新了大量前端依赖包版本,特别是antd从5.18.3升级到5.25.1。建议确认这些更新不会影响UI组件的行为和样式。
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
pnpm/action-setup版本更新幅度较小(从4.0.0到4.1.0),属于合理的安全更新范围。
| "@ant-design/icons": "5.6.1", | ||
| "@ddadaal/tsgrpc-client": "0.17.8", | ||
| "@ddadaal/tsgrpc-common": "0.2.6", | ||
| "@grpc/grpc-js": "1.13.4", |
There was a problem hiding this comment.
建议检查新版@grpc/grpc-js的兼容性变化,特别是1.13.4版本的升级可能包含重大变更
| "@sinclair/typebox": "0.34.33", | ||
| "asn1": "0.2.6", | ||
| "fastify": "4.28.0", | ||
| "fastify": "4.29.1", |
There was a problem hiding this comment.
fastify从4.28.0升级到4.29.1,需要注意中间件API是否有变化
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.21 |
There was a problem hiding this comment.
Alpine基础镜像从3.20升级到3.21,建议确认所有基础工具和库都兼容新版本
| "node": "20.19.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
node版本从20.15.0升级到20.19.2,需要确保所有开发环境都支持新版本
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
基础镜像从alpine:3.20升级到alpine:3.22,建议检查新版本中是否有任何潜在兼容性问题
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
建议在升级alpine版本时检查所有依赖包的兼容性,特别是如果有使用第三方二进制文件需要验证在3.22上是否可用
| FROM alpine:3.22 | |
| FROM alpine:3.22 |
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.2" | ||
| }, |
There was a problem hiding this comment.
Node.js版本从20.15.0升级到20.19.2是较大跨度的版本更新,需要考虑对现有代码的影响
| }, | |
| "node": "20.19.2" |
| "node": "20.19.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm从9.4.0升级到9.15.9变化较大,需要确保构建流程不受影响
| "packageManager": "pnpm@9.15.9", | |
| "packageManager": "pnpm@9.15.9" |
There was a problem hiding this comment.
本次代码变更主要涉及以下几个方面:
- 更新了多个 GitHub Actions 工作流中的 pnpm/action-setup 版本,从 v4.0.0 升级到 v4.1.0
- 更新了多个应用和库的依赖版本,包括 @ant-design 系列、@ddadaal/tsgrpc 系列、@grpc/grpc-js、@mikro-orm 系列等
- 升级了 Next.js 及相关依赖版本
- 更新了 TypeScript 和其他开发工具链版本
- 修改了 Dockerfile 中使用的基础镜像从 alpine:3.20 升级到 alpine:3.22
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
基础镜像从 alpine:3.20 升级到 3.22,建议确认所有依赖在 3.22 上的兼容性
| "node": "20.19.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm 版本从 9.4.0 升级到 9.15.9,这是一个较大的跨度升级,建议测试确认构建过程无误
There was a problem hiding this comment.
这个PR主要进行了以下更新:
- 升级了多个GitHub Actions工作流中的pnpm/action-setup版本到v4.1.0
- 更新了所有应用的依赖包版本,包括@ant-design组件、@grpc/grpc-js、@mikro-orm相关包、dayjs等核心依赖
- 更新了开发依赖包版本,如typescript、@types/node等类型定义
- 升级了基础镜像从alpine:3.20到alpine:3.22
- 更新了项目根目录下的Node.js版本要求和pnpm版本
- 修改了多个库包的peerDependencies版本要求
| "node": "20.15.0" | ||
| "node": "20.19.3" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,这是一个较大的版本跨度升级,需要确保兼容性。建议检查pnpm的新特性/破坏性变更并与团队确认
| "packageManager": "pnpm@9.4.0", | |
| "packageManager": "pnpm@9.4.0" // 如需回退 |
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
基础镜像从alpine:3.20升级到3.22,建议测试镜像构建和运行时是否有兼容性问题,特别是glibc依赖等
| FROM alpine:3.22 | |
| FROM alpine:3.20 // 如需回退 |
| "@mikro-orm/core": "6.2.9", | ||
| "@mikro-orm/migrations": "6.2.9", | ||
| "@mikro-orm/mysql": "6.2.9", | ||
| "@mikro-orm/seeder": "6.2.9", |
There was a problem hiding this comment.
多个@mikro-orm相关包从6.2.9升级到6.4.16,建议检查ORM相关的破坏性变更和性能改进
| "@mikro-orm/seeder": "6.2.9", | |
| @mikro-orm/cli": "6.2.9" // 如需回退 |
| "@ant-design/icons": "5.6.1", | ||
| "@codemirror/language": "6.11.2", | ||
| "@codemirror/legacy-modes": "6.5.1", | ||
| "@codemirror/view": "6.38.0", |
There was a problem hiding this comment.
@dnd-kit/core从6.1.0升级到6.3.1,涉及拖拽功能,需测试拖拽相关功能是否正常
| "@codemirror/view": "6.38.0", | |
| @dnd-kit/core": "6.1.0" // 如需回退 |
| "@ddadaal/tsgrpc-common": "0.2.5", | ||
| "@grpc/grpc-js": "1.10.9", | ||
| "@kubernetes/client-node": "^0.21.0", | ||
| "@mikro-orm/cli": "6.2.9", |
There was a problem hiding this comment.
建议检查 @kubernetes/client-node 从 0.21.0 升级到 0.22.0 是否有重大变更,确保兼容性
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
基础镜像从 alpine:3.20 升级到 3.22,建议检查相关依赖是否兼容新版本
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.4" | ||
| }, |
There was a problem hiding this comment.
Node.js 版本从 20.15.0 升级到 20.19.4,建议确认所有项目功能和构建流程在新版本下正常运行
There was a problem hiding this comment.
本次代码变更主要涉及以下几个方面:
- 升级了多个GitHub Actions工作流中使用的pnpm/action-setup版本从v4.0.0到v4.1.0
- 更新了多个应用的Node.js依赖包版本,包括但不限于@ant-design/、@ddadaal/tsgrpc-、@grpc/grpc-js、@mikro-orm/*、next、react等
- 升级了Docker基础镜像从alpine:3.20到alpine:3.22
- 更新了多个库的依赖包版本,如@sinclair/typebox、zod、antd等
- 更新了项目根目录的开发依赖版本,如@bufbuild/buf、@changesets/cli、eslint等
- 更新了Node.js版本从20.15.0到20.19.4
- 更新了pnpm版本从9.4.0到9.15.9
| "@types/google-protobuf": "3.15.12", | ||
| "@types/http-proxy": "1.17.14", | ||
| "@types/http-proxy": "1.17.16", | ||
| "@types/mime-types": "2.1.4", |
There was a problem hiding this comment.
@types/react从18.3.3升级到18.3.23是一个较大的版本跨度,请注意版本间可能的兼容性问题,建议仔细阅读变更日志
| "less": "4.4.0", | ||
| "mime-types": "2.1.35", | ||
| "next": "14.2.4", | ||
| "next": "14.2.31", |
There was a problem hiding this comment.
升级了less从4.2.0到4.4.0,这个版本包含了一些重要变更,可能会影响现有的样式编译,建议测试样式是否正常
| "node": "20.19.4" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm从9.4.0升级到9.15.9包含了多个重要更新,建议测试构建和依赖安装过程是否正常
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
从alpine:3.20升级到alpine:3.22,确保所有的系统依赖在新版本中都能正常工作
| FROM alpine:3.22 | |
| FROM alpine:3.22 |
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
升级pnpm/action-setup版本到v4.1.0,建议检查新版是否与当前CI流程兼容
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
升级pnpm/action-setup版本到v4.1.0,与docs-preview.yaml保持同步
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.1.0 |
There was a problem hiding this comment.
升级pnpm/action-setup版本到v4.1.0,与其它workflow文件保持一致
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 |
There was a problem hiding this comment.
再次升级pnpm/action-setup版本到v4.1.0,确保整个文件中版本一致
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
将基础镜像从alpine:3.20升级到3.22,建议确认新版本是否有兼容性问题
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.19.4" | ||
| }, |
There was a problem hiding this comment.
node版本从20.15.0升级到20.19.4,建议检查新版本是否会导致构建或运行问题
| "node": "20.19.4" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,建议测试构建过程是否受影响
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
更新基础镜像版本到alpine:3.22可以获取最新的安全补丁和功能改进,建议在合并前测试兼容性以确保稳定性。
| "node": "20.19.4" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
pnpm版本从9.4.0升级到9.15.9,这是一个较大版本的升级,建议在团队内部协调升级策略以避免潜在的构建问题。
|
| # See the Mulan PSL v2 for more details. | ||
|
|
||
| FROM alpine:3.20 | ||
| FROM alpine:3.22 |
There was a problem hiding this comment.
Alpine 3.22是最新稳定版本,这是一个合理的升级
| FROM alpine:3.22 | |
| FROM alpine:3.22 |
There was a problem hiding this comment.
此次提交主要进行了以下批量更新:\n- 将 GitHub Actions 中的 pnpm/action-setup 版本从 v4.0.0 升级至 v4.4.0。\n- 将开发环境 Docker 镜像 dev/ssh-server/Dockerfile 的基础镜像从 alpine:3.20 升级至 alpine:3.23。\n- 对多个 package.json 文件中的大量依赖版本进行了升级,涉及 @ant-design/、@ddadaal/、@grpc/、@mikro-orm/、@sinclair/typebox、antd、next、typescript、zod 等核心运行时依赖,以及构建、测试、工具链相关的开发依赖。\n- 更新了根目录 package.json 中的开发依赖、Volta 工具链(Node 版本从 20.15.0 升至 20.20.2)和包管理器(pnpm 从 9.4.0 升至 9.15.9)。\n- 修复了文档站点 docs/package.json 中对 @docusaurus/core 等依赖的版本升级。\n- 此提交似乎是一次大规模的依赖版本升级,旨在保持与最新生态的兼容性。
| "dotenv": "16.6.1", | ||
| "http-proxy": "1.18.1", | ||
| "lodash": "4.17.21", | ||
| "long": "5.2.3", |
There was a problem hiding this comment.
将 lodash 从 4.17.21 升级到 4.18.1 需要谨慎。lodash 在 4.17.21 之后很久没有官方发布,4.18.x 版本可能是一个非官方包或被恶意利用的 fork。请确认这个版本包的来源和安全性。如果只是一个单纯的小版本升级,请验证其兼容性。
| "long": "5.2.3", | |
| 建议在升级前检查该版本来源,并确保所有使用 `lodash` 的代码与新版本兼容。如果 `4.18.1` 是来自 npm 的官方版本,请确认其安全公告。 |
| "lodash": "4.18.1", | ||
| "long": "5.3.2", | ||
| "mime-types": "2.1.35", | ||
| "next": "14.2.4", |
There was a problem hiding this comment.
将 next 从 14.2.4 升级到 14.2.35 是一个很大的版本跳升,可能包含破坏性变更。请仔细阅读 Next.js 的发布说明,特别是与 pages 或 app router 相关的变更,并确保与项目中使用的中间件、API 路由、配置等完全兼容。
| "next": "14.2.4", | |
| 在升级前请确认新版本是否与当前项目代码完全兼容,并测试应用的构建和运行。 |
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", | ||
| "iconv-lite": "^0.6.3", | ||
| "less": "4.2.0", |
There was a problem hiding this comment.
将 iconv-lite 从 ^0.6.3 升级到 ^0.7.0 是一个主版本升级,可能包含破坏性变更。请检查 iconv-lite 的迁移指南,确保兼容性。
| "less": "4.2.0", | |
| 建议在升级 iconv-lite 之前,检查文档并更新代码以适配 v0.7.0 的破坏性变更。 |
| "zod": "3.23.8", | ||
| "shell-quote": "1.8.1", | ||
| "replace-in-file": "8.1.0" | ||
| "@xterm/addon-fit": "0.11.0", |
There was a problem hiding this comment.
将 zod 从 3.23.8 升级到 3.25.76 是一个较大的版本跳升。请检查 zod 的 changelog,查看是否有 API 变更、新增的验证模式或破坏性更新,例如 safeParse 的返回值结构变更。
| "@xterm/addon-fit": "0.11.0", | |
| 建议查看 Zod 的 CHANGELOG,特别是与 `ZodError` 或 `ZodEffects` 相关的变动,确保应用中的数据验证逻辑仍然正确。 |
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.4.0 |
There was a problem hiding this comment.
将 pnpm/action-setup 从 v4.0.0 更新到 v4.4.0,但需要注意 v4.x 版本是否包含重大变更,建议查阅版本更新日志确认兼容性。
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.4.0 |
There was a problem hiding this comment.
与 docs-preview.yaml 相同的更新,同样建议确认兼容性。
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.4.0 |
There was a problem hiding this comment.
此处 pnpm/action-setup 更新,但未使用最新的 v4.x 版本,建议保持与其他 workflow 一致。
| "antd": "5.29.3", | ||
| "dayjs": "1.11.20", | ||
| "dotenv": "16.6.1", | ||
| "http-proxy": "1.18.1", |
There was a problem hiding this comment.
将 lodash 从 4.17.21 更新到 4.18.1。这似乎是一个次要版本升级,但 4.18.1 版本可能包含不兼容的更改。请确认此更改不会破坏现有功能。
| "csv-stringify": "6.7.0", | ||
| "dayjs": "1.11.20", | ||
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", |
There was a problem hiding this comment.
将 iconv-lite 的版本从 ^0.6.3 更新到 ^0.7.0。这是一个主版本更新,可能引入破坏性更改。请确保代码兼容 iconv-lite v0.7.x。
| "eslint-plugin-license-header": "0.9.0" | ||
| }, | ||
| "volta": { | ||
| "node": "20.15.0" |
There was a problem hiding this comment.
将 Node.js 版本从 20.15.0 更新到 20.20.20。这是一个重大更新,请确保所有依赖和代码与新版本兼容。同时检查 GitHub Actions 中的 node-version 是否也需要更新。
| "node": "20.20.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
将 pnpm 版本从 9.4.0 更新到 9.15.9。这是一个主要的版本更新,可能包含重大更改。请确保所有工作流和本地环境都更新到相应版本。
| "http-proxy": "1.18.1", | ||
| "lodash": "4.17.21", | ||
| "long": "5.2.3", | ||
| "lodash": "4.18.1", |
There was a problem hiding this comment.
lodash版本从4.17.21更新到4.18.1。lodash的最新版本是4.17.21,4.18.1可能不是一个官方发布的版本,或者是一个被篡改的包。请确认该版本的来源和安全性。建议使用官方维护的4.17.21或检查是否有更新到5.x的计划。
| "lodash": "4.18.1", | |
| "lodash": "4.17.21" |
| "lodash": "4.18.1", | ||
| "long": "5.3.2", | ||
| "mime-types": "2.1.35", | ||
| "next": "14.2.4", |
There was a problem hiding this comment.
next版本从14.2.4跳升到14.2.35。这是一个较大的版本跳跃,通常Next.js的次版本号更新(如14.2.x)不会导致API不兼容,但建议查阅Next.js的发布说明,确认没有破坏性变更,特别是如果项目使用了实验性功能。
| "dayjs": "1.11.20", | ||
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", | ||
| "iconv-lite": "^0.6.3", |
There was a problem hiding this comment.
iconv-lite从^0.6.3升级到^0.7.0。iconv-lite的0.7.0版本可能包含破坏性变更(major version change),需要检查项目中iconv-lite的使用方式,确保与新版本兼容。
| "iconv-lite": "^0.6.3", | |
| 检查所有 import/require 'iconv-lite' 的使用,确认API是否有变化。 |
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: pnpm/action-setup@v4.0.0 | ||
| - uses: pnpm/action-setup@v4.4.0 |
There was a problem hiding this comment.
pnpm/action-setup版本从v4.0.0更新到v4.4.0。虽然这看起来像是“更新依赖”,但需要确保这个新版本与项目中使用的pnpm版本(在package.json的packageManager字段中指定为pnpm@9.15.9)兼容。
| - uses: pnpm/action-setup@v4.4.0 | |
| 建议在更新此Action之前,先测试与p@9.15.9的兼容性。 |
| "node": "20.20.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
packageManager字段的值从pnpm@9.4.0更改为pnpm@9.15.9。这是一个pnpm的minor版本更新,通常不会引入破坏性变更,但仍建议查看pnpm的发布说明(特别是9.4到9.15之间的突出变更),以确保没有影响项目构建或依赖安装的更改。
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", | ||
| "pnpm": { | ||
| "patchedDependencies": { |
There was a problem hiding this comment.
在pnpm.patchedDependencies中新增了react-typed-i18n@2.3.0的补丁文件。这个补丁是针对旧的版本(2.3.0)的,但apps/ai/package.json中已经将react-typed-i18n更新到2.6.1。这会导致补丁不生效,或者需要更新补丁文件以匹配新版本。请确保补丁文件patches/react-typed-i18n@2.3.0.patch也相应更新,或者移除该补丁配置。
| "patchedDependencies": { | |
| 删除 'react-typed-i18n@2.3.0': 'patches/react-typed-i18n@2.3.0.patch' 这一行,或提供一个新的、适用于2.6.1版本的补丁。 |
There was a problem hiding this comment.
- 将多个 GitHub Actions 工作流中的
pnpm/action-setup版本从v4.0.0更新到v4.4.0。 - 更新了
apps/ai/package.json中lodash的版本从4.17.21到4.18.1。 - 更新了根目录
package.json中的packageManager字段,使用pnpm@9.15.9代替pnpm@9.4.0。 - 大量更新了多个
package.json文件中的依赖版本,包括但不限于@ant-design/icons、@ddadaal/tsgrpc-client、@mikro-orm/core、antd、next、typescript等。 - 更新了
dev/ssh-server/Dockerfile中的基础镜像从alpine:3.20到alpine:3.23。 - 更新了
libs/web/package.json中peerDependencies的版本号,以确保与主机项目版本一致。
| "dotenv": "16.6.1", | ||
| "http-proxy": "1.18.1", | ||
| "lodash": "4.17.21", | ||
| "long": "5.2.3", |
There was a problem hiding this comment.
将 lodash 从 4.17.21 升级到 4.18.1 是一个不安全的升级。lodash 的最新稳定版本是 4.17.21,4.18.1 可能是一个恶意或测试版本。建议确认此版本的来源,并确保它来自官方 lodash 仓库或是一个经过验证的 fork。如果是不小心打错版本号,请修正为 4.17.21。
| "long": "5.2.3", | |
| "lodash": "4.17.21" |
| "dayjs": "1.11.20", | ||
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", | ||
| "iconv-lite": "^0.6.3", |
There was a problem hiding this comment.
将 iconv-lite 从 ^0.6.3 升级到 ^0.7.0 是一个主版本升级,可能引入破坏性变更。需要检查项目中 iconv-lite 的用法,确保在新版本下正常工作。
| "iconv-lite": "^0.6.3", | |
| 如果不需要新功能或修复,建议保留使用 `^0.6.3` 的版本范围,或者测试 `iconv-lite@0.7.0` 的兼容性。 |
| "node": "20.20.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
将 react-typed-i18n@2.3.0 的补丁移除,同时将 react-typed-i18n 升级到 2.6.1。需要确认新版本不再需要之前的补丁,否则应更新补丁文件或保留补丁。
There was a problem hiding this comment.
此代码 diff 主要涉及以下更改:
- 更新 GitHub Actions 工作流中的
pnpm/action-setup动作版本,从v4.0.0升级到v4.4.0。 - 将所有
package.json文件中的依赖项版本升级到较新版本,包括@ant-design/cssinjs、@ant-design/icons、@ddadaal/tsgrpc-client、@grpc/grpc-js等。 - 更新 Dockerfile 中的基础镜像,从
alpine:3.20升级到alpine:3.23。 - 更新根
package.json中的 Node.js 版本从20.15.0到20.20.2,以及包管理器版本从pnpm@9.4.0到pnpm@9.15.9。
| "node": "20.20.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", | ||
| "packageManager": "pnpm@9.15.9", |
There was a problem hiding this comment.
包管理器版本从 pnpm@9.4.0 升级到 pnpm@9.15.9。这是一个大版本升级,需要确保所有开发者都安装了新的 pnpm 版本,并且项目中的 pnpm-lock.yaml 文件与新的 pnpm 版本兼容。请执行 pnpm install 重新生成 lock 文件以确保一致性。
| }, | ||
| "volta": { | ||
| "node": "20.15.0" | ||
| "node": "20.20.2" |
There was a problem hiding this comment.
Node.js 版本从 20.15.0 升级到 20.20.2。这是一个小版本升级,通常兼容,但建议在升级后运行完整的测试套件以确保没有回归问题。
There was a problem hiding this comment.
- 将此 PR 中所有包管理器的依赖项更新到了最新版本。
- 在 GitHub Actions 工作流中将 pnpm/action-setup 从 v4.0.0 升级到 v4.4.0。
- 将基础 Docker 镜像从 alpine:3.20 更新到 alpine:3.23。
- 将 TypeScript 版本从 5.5.2 升级到 5.9.3,可能会导致类型错误或构建失败,需要验证。
- 将 lodash 从 4.17.21 更新到 4.18.1(在 apps/ai/package.json 中),这不是一个标准的 semver 补丁版本,可能存在破坏性变更,需要验证兼容性。
- 将 Next.js 从 14.2.4 更新到 14.2.35,并相应更新了 @next/bundle-analyzer。
- 将 Ant Design 从 5.18.3 更新到 5.29.3,这是一个跨越多个小版本的更新,可能存在破坏性 UI 变更。
- 将 pnpm 从 9.4.0 更新到 9.15.9。
| "http-proxy": "1.18.1", | ||
| "lodash": "4.17.21", | ||
| "long": "5.2.3", | ||
| "lodash": "4.18.1", |
There was a problem hiding this comment.
将 lodash 从 4.17.21 更新到 4.18.1。请注意,版本号从 4.17 跳到 4.18,中间跳过了多个次要版本,这被认为是一个“次版本”更新,可能包含破坏性更改。虽然 lodash 通常遵循语义化版本控制,但需要验证此版本是否与项目代码兼容。建议检查 lodash 的发布说明或更新日志,以确保没有破坏性变更。
| "lodash": "4.18.1", | |
| 可以考虑保持现有版本,除非有明确的兼容性验证。如果需要更新,请确保进行全面的单元测试和集成测试。 |
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", | ||
| "iconv-lite": "^0.6.3", | ||
| "less": "4.2.0", |
There was a problem hiding this comment.
将 iconv-lite 从 ^0.6.3 更新到 ^0.7.0。这是一个主要版本升级,可能包含破坏性变更。由于使用了脱字符版本范围 (^),这将允许安装 0.x 系列的最新版本,但从 0.6 到 0.7 的跳转可能引入了不兼容的 API 变更。请检查 iconv-lite 的更新日志,验证项目代码是否兼容。
| "less": "4.2.0", | |
| 如果项目依赖了 iconv-lite 中的具体 API,建议在升级前阅读其 changelog,或固定到特定版本(如 0.6.5)以确保稳定性。 |
There was a problem hiding this comment.
这是一个大规模的依赖版本更新 PR,涉及多个 GitHub Actions 配置文件和项目中的 package.json 文件。主要变更包括:
- 更新 GitHub Actions 中
pnpm/action-setup版本从 v4.0.0 到 v4.4.0 - 更新多个应用和库的依赖包版本,包括 @ant-design、@grpc、@mikro-orm、next、antd 等核心库
- 更新根 package.json 中的开发依赖和工具版本
- 更新 Dockerfile 中基础镜像版本
- 更新 Node.js 和 pnpm 版本
| "dotenv": "16.6.1", | ||
| "http-proxy": "1.18.1", | ||
| "lodash": "4.17.21", | ||
| "long": "5.2.3", |
There was a problem hiding this comment.
lodash 从 4.17.21 升级到 4.18.1,但这个版本号在 npm 上可能不存在。官方最新版本是 4.17.21,4.18.1 可能是内部版本或 typo。请确认版本号是否正确。
| "long": "5.2.3", | |
| "lodash": "4.17.21" |
| "long": "5.2.3", | ||
| "lodash": "4.18.1", | ||
| "long": "5.3.2", | ||
| "mime-types": "2.1.35", |
There was a problem hiding this comment.
next 从 14.2.4 升级到 14.2.35,这是一个较大的跳跃。请确认没有 breaking changes 影响现有代码,尤其是 App Router 和 Server Components 相关的改动。
| "dayjs": "1.11.20", | ||
| "google-protobuf": "3.21.4", | ||
| "http-proxy": "1.18.1", | ||
| "iconv-lite": "^0.6.3", |
There was a problem hiding this comment.
iconv-lite 从 ^0.6.3 升级到 ^0.7.0,0.7.0 版本引入了 breaking changes(例如移除了某些 API)。请检查项目中是否使用了受影响的 API,并更新相关代码。
| "ws": "8.17.1" | ||
| "styled-components": "6.4.1", | ||
| "tslib": "2.8.1", | ||
| "typescript": "5.9.3", |
There was a problem hiding this comment.
typescript 从 5.5.2 升级到 5.9.3,这是一个大版本跳跃。请确保项目代码兼容 TypeScript 5.9.x 的新语法或类型检查规则。建议先使用 5.7.x 或 5.8.x 逐步升级。
| "typescript": "5.9.3", | |
| "typescript": "5.7.3" |
| "node": "20.15.0" | ||
| "node": "20.20.2" | ||
| }, | ||
| "packageManager": "pnpm@9.4.0", |
There was a problem hiding this comment.
packageManager 从 pnpm@9.4.0 升级到 pnpm@9.15.9,同时 turbo 从 2.0.4 升级到 2.9.14。这两个工具的大版本跳跃可能导致 CI/CD 行为变化,需要确认兼容性。
This PR contains the following updates:
8.0.2→8.0.117.0.2→7.2.11.21.0→1.24.01.21.0→1.24.05.3.7→5.6.15.3.7→5.6.15.3.7→5.6.11.34.0→1.69.01.34.0→1.69.01.8.0→1.10.11.8.0→1.10.12.27.6→2.31.06.10.2→6.12.36.4.0→6.5.36.28.2→6.43.019.2.2→19.8.11.4.0→1.7.01.4.0→1.7.01.4.0→1.7.02.1.0→2.3.00.17.7→0.17.90.17.7→0.17.90.2.5→0.2.70.2.5→0.2.70.19.5→0.19.80.19.5→0.19.86.1.0→6.3.13.4.0→3.10.13.4.0→3.10.13.4.0→3.10.13.4.0→3.10.10.44.2→0.55.14.0.0→4.2.01.10.9→1.14.3^0.21.0→^0.22.06.2.9→6.6.146.2.9→6.6.146.2.9→6.6.146.2.9→6.6.146.2.9→6.6.146.2.9→6.6.144.6.0→4.7.014.2.4→14.2.351.10.3→1.10.49.1.1→9.1.35.0.0→5.2.00.32.34→0.34.490.32.34→0.34.496.4.6→6.9.116.0.0→16.3.210.45.2→10.45.410.45.2→10.45.410.45.2→10.45.410.45.2→10.45.42.0.3→2.0.91.17.14→1.17.1729.5.12→29.5.1420.14.8→20.19.416.4.15→6.4.231.5.5→1.5.618.3.3→18.3.2818.3.0→18.3.71.15.0→1.15.55.1.34→5.1.364.18.3→4.19.08.5.10→8.18.117.0.32→17.0.354.22.2→4.25.90.10.0→0.11.08.16.0→8.20.03.20→3.235.18.3→5.29.35.18.3→5.29.35.18.3→5.29.39.1.2→9.3.16.5.0→6.7.01.11.11→1.11.201.11.11→1.11.201.11.11→1.11.2016.4.5→16.6.116.4.5→16.6.17.4.2→7.4.48.0.0→8.1.19.6.0→9.39.49.6.0→9.39.40.6.1→0.9.04.28.0→4.29.14.0.0→4.0.511.2.0→11.3.514.0.1→14.1.03.21.2→3.21.47.0.4→7.0.69.0.11→9.1.7^0.6.3→^0.7.05.4.1→5.10.14.1.0→4.1.14.2.0→4.6.410.14.0→10.27.04.17.21→4.18.15.2.3→5.3.20.50.0→0.55.15.0.7→5.1.1114.2.4→14.2.3514.2.4→14.2.3514.2.4→14.2.352.2.0→2.2.11.1.5→1.1.920.15.0→20.20.21.15.0→1.17.213.2.0→13.2.16.9.14→6.10.13.1.4→3.1.146.1.0→6.2.05.4.1→5.4.39.4.0→9.15.9v4.0.0→v4.4.08.4.38→8.5.147.3.2→7.5.91.5.3→1.5.42.3.0→2.6.12.12.7→2.15.42.12.3→2.15.48.1.0→8.4.06.0.1→6.1.31.8.1→1.8.36.1.11→6.4.16.1.11→6.4.16.1.11→6.4.12.2.1→2.2.65.17.14→5.32.629.1.5→29.4.92.2.5→2.2.72.2.5→2.2.71.180.0→1.181.21.8.10→1.8.172.6.3→2.8.12.0.4→2.9.145.5.2→5.9.3