Skip to content

chore(deps): update npm dependencies#10

Open
deniswsrosa wants to merge 1 commit into
mainfrom
chore/dependency-update-20260706-t_efd3845e
Open

chore(deps): update npm dependencies#10
deniswsrosa wants to merge 1 commit into
mainfrom
chore/dependency-update-20260706-t_efd3845e

Conversation

@deniswsrosa

Copy link
Copy Markdown

Summary

  • Updates npm direct dependencies to the latest stable same-major compatible releases.
  • Regenerates package-lock.json with npm while preserving the existing npm package-manager workflow.
  • Links back to Hermes Kanban task t_efd3845e.

Updated dependencies

Ecosystem Dependency Previous Updated Type Notes
npm @langchain/classic ^1.0.14 ^1.0.38 dependency same-major stable
npm @langchain/community ^1.1.8 ^1.1.29 dependency same-major stable; npm warns package is deprecated upstream
npm @langchain/core ^1.1.19 ^1.2.1 dependency same-major stable
npm @langchain/openai ^1.2.4 ^1.5.3 dependency same-major stable
npm ai ^2.1.28 ^2.2.37 dependency same-major stable; skipped latest v7 major
npm couchbase ^4.4.2 ^4.7.1 dependency same-major stable
npm date-fns ^3.3.1 ^3.6.0 dependency same-major stable; skipped latest v4 major
npm langchain ^1.2.2 ^1.5.2 dependency same-major stable
npm next 14.2.15 14.2.35 dependency same-major stable; skipped latest v16 major
npm pdf-parse 1.1.1 1.1.4 dependency same-major stable; skipped latest v2 major
npm pdfjs-dist 3.4.120 3.11.174 dependency same-major stable; skipped latest v6 major
npm react ^18.2.0 ^18.3.1 dependency same-major stable; skipped latest v19 major
npm react-dom ^18.2.0 ^18.3.1 dependency same-major stable; skipped latest v19 major
npm react-dropzone ^14.2.3 ^14.4.1 dependency same-major stable; skipped latest v15 major
npm react-markdown ^9.0.1 ^9.1.0 dependency same-major stable; skipped latest v10 major
npm @types/node ^20 ^20.19.43 devDependency same-major stable; skipped latest v26 major
npm @types/react ^18.3.1 ^18.3.31 devDependency same-major stable; skipped latest v19 major
npm @types/react-dom ^18.3.0 ^18.3.7 devDependency same-major stable; skipped latest v19 major
npm autoprefixer ^10.0.1 ^10.5.2 devDependency same-major stable
npm eslint ^8 ^8.57.1 devDependency same-major stable; skipped latest v10 major
npm eslint-config-next 14.1.3 14.2.35 devDependency aligned with Next 14.2.35; skipped latest v16 major
npm postcss ^8 ^8.5.16 devDependency same-major stable
npm tailwindcss ^3.3.0 ^3.4.19 devDependency same-major stable; skipped latest v4 major
npm typescript ^5 ^5.9.3 devDependency same-major stable; skipped latest v6 major

Validation

npm install
npm run build
npm run lint
npm run dev

Outcomes:

  • npm install passed and regenerated package-lock.json.
  • npm run build passed with Next.js 14.2.35.
  • npm run lint passed with no ESLint warnings or errors.
  • npm run dev started successfully and reported ready at http://localhost:3000.

Evidence status

Evidence Status Notes
Browser passed Loaded http://127.0.0.1:3000/; page rendered heading "PDF Chat Demo using Couchbase, NextJS, Langchain, and OpenAI" and upload UI.
Swagger/OpenAPI not_applicable Next.js web demo does not expose documented Swagger/OpenAPI UI.
Tests not_applicable No test script is defined in package.json; used build and lint as strongest available local validation.

Risk notes

  • Existing Dependabot PR Bump the npm_and_yarn group across 1 directory with 2 updates #9 only changes package-lock.json; this PR updates direct manifests and lockfile, so it is not an exact duplicate.
  • Major versions were intentionally skipped to avoid framework/runtime migrations.
  • npm install reports remaining audit findings; this PR does not run npm audit fix --force or perform major-version migrations.
  • @langchain/community@1.1.29 emits an upstream deprecation warning during install; retained because it is still the same-major compatible update for the existing direct dependency.

Rollback

Revert this PR to restore the previous package.json and package-lock.json dependency set.

@vercel

vercel Bot commented Jul 6, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
vector-search-nodejs Ready Ready Preview, Comment Jul 6, 2026 7:42pm

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates various dependencies and devDependencies in package.json to newer versions, including LangChain packages, Next.js, React, and other utility libraries. There are no review comments, and I have no additional feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant