Skip to content

Upgrade CI actions and project dependencies#78

Open
dsanchezcr wants to merge 1 commit into
mainfrom
update-packages
Open

Upgrade CI actions and project dependencies#78
dsanchezcr wants to merge 1 commit into
mainfrom
update-packages

Conversation

@dsanchezcr

Copy link
Copy Markdown
Member

Bumps actions/checkout from v6 to v7 across CI, CodeQL, and dependency review workflows, and updates the devcontainer Docker-in-Docker feature to v4. Also refreshes frontend and API dependency versions (notably Radix UI, Tailwind, Playwright, ESLint/TypeScript tooling, Azure Functions packages, and Node types) to keep the stack current and aligned with newer toolchain releases.

Purpose

  • ...

Does this introduce a breaking change?

[ ] Yes
[ ] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code

What to Check

Verify that the following are valid

  • ...

Other Information

Bumps `actions/checkout` from v6 to v7 across CI, CodeQL, and dependency review workflows, and updates the devcontainer Docker-in-Docker feature to v4. Also refreshes frontend and API dependency versions (notably Radix UI, Tailwind, Playwright, ESLint/TypeScript tooling, Azure Functions packages, and Node types) to keep the stack current and aligned with newer toolchain releases.
@dsanchezcr dsanchezcr requested a review from Copilot July 12, 2026 23:15
@dsanchezcr dsanchezcr self-assigned this Jul 12, 2026
@dsanchezcr dsanchezcr added the enhancement New feature or request label Jul 12, 2026
@github-actions

Copy link
Copy Markdown

Dependency Review

The following issues were found:

  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.

View full job summary

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates CI/devcontainer tooling and refreshes frontend/API npm dependencies to keep the project aligned with newer ecosystem releases (GitHub Actions, Dev Containers features, and JS/TS packages).

Changes:

  • Bumped actions/checkout to v7 across CI, CodeQL, and dependency-review workflows.
  • Updated devcontainer Docker-in-Docker feature to :4.
  • Refreshed frontend and API dependency versions (Radix UI, Tailwind toolchain, Playwright, ESLint/TypeScript tooling, Azure Functions packages, Node types) and updated lockfiles accordingly.
Show a summary per file
File Description
package.json Updates frontend/runtime tooling deps (Radix UI, Tailwind, Playwright, ESLint/TS) including @types/node.
package-lock.json Lockfile updates reflecting the dependency refresh (includes new resolved/integrity entries).
api/package.json Updates API deps (@azure/functions) and dev tooling (@types/node, core tools).
api/package-lock.json Lockfile updates for the API dependency refresh (includes new resolved/integrity entries).
.github/workflows/dependency-review.yml Bumps checkout action to v7.
.github/workflows/codeql.yml Bumps checkout action to v7.
.github/workflows/ci-cd.yml Bumps checkout action to v7 across multiple jobs.
.devcontainer/devcontainer.json Updates Docker-in-Docker devcontainer feature to major :4.

Review details

Files not reviewed (1)
  • api/package-lock.json: Generated file
  • Files reviewed: 6/8 changed files
  • Comments generated: 3
  • Review effort level: Low

Comment thread api/package-lock.json
Comment on lines 237 to 241
"node_modules/@azure/functions": {
"version": "4.16.0",
"resolved": "https://registry.npmjs.org/@azure/functions/-/functions-4.16.0.tgz",
"integrity": "sha512-cwLld7tRi1VLYNdm1evgS9n8ABP/e+0uLjRO++OjM/kigERG80OfFRRMbag/vpXUzCtda83lDiuCvcwPlxgwZw==",
"version": "4.16.1",
"resolved": "https://ms-feed-2.pkgs.visualstudio.com/1es-public/_packaging/npm-public/npm/registry/@azure/functions/-/functions-4.16.1.tgz",
"integrity": "sha1-wy8A+f2oWzRYlbAQB2oDjWmcDPM=",
"license": "MIT",
Comment thread package.json
Comment on lines +74 to 77
"@playwright/test": "^1.61.0",
"@tailwindcss/postcss": "^4.3.2",
"@types/node": "^26.1.0",
"@types/qrcode": "^1.5.6",
Comment thread api/package.json
Comment on lines 22 to +24
"@types/jest": "^30.0.0",
"@types/node": "^25.9.2",
"azure-functions-core-tools": "^4.12.0",
"@types/node": "^26.1.0",
"azure-functions-core-tools": "^4.12.1",
@github-actions

Copy link
Copy Markdown

Azure Static Web Apps: Your stage site is ready! Visit it here: https://black-cliff-03b41b10f-78.eastus2.7.azurestaticapps.net

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants