Skip to content

chore: upgrade backend and frontend dependencies to latest#422

Merged
Xinecraft merged 4 commits into
developfrom
claude/upgrade-packages-backend-frontend-67ixrn
Jun 30, 2026
Merged

chore: upgrade backend and frontend dependencies to latest#422
Xinecraft merged 4 commits into
developfrom
claude/upgrade-packages-backend-frontend-67ixrn

Conversation

@Xinecraft

@Xinecraft Xinecraft commented Jun 29, 2026

Copy link
Copy Markdown
Member

Summary

Upgrades all upgradable backend (Composer) and frontend (npm) dependencies to their latest versions that are installable on the project's supported PHP (8.3).

Backend (Composer)

  • Updated every package to the latest version allowed by existing constraints.
  • spatie/laravel-permission ^7.0^8.0 (v8 supports PHP 8.3).
  • laravel/framework resolves to 13.17.0.
  • Pinned config.platform.php to 8.3.0 so the lock always resolves against the minimum supported PHP. Without this, running composer update on a PHP 8.4 host pulls Symfony 8 (which requires PHP ≥ 8.4.1) into the lock and breaks composer install on the 8.3 CI runner. The Symfony suite therefore stays on 7.4.x.
  • ✅ Full test suite passes: 200 passed, 7 skipped.

Frontend (npm)

  • Bumped all upgradable packages to latest, including:
    • @inertiajs/vue3 → 3.5, vite → 8.1, vue → 3.5.39
    • tailwindcss / @tailwindcss/* → 4.3, @tiptap/* → 3.27
    • echarts → 6.1, @vueuse/* → 14.3, eslint → 10.6, axios → 1.18
    • Major bump of tsparticles and @tsparticles/vue3 to 4.x (API verified compatible with existing loadFull/plugin usage)
  • v-calendar and vuedraggable are intentionally left as-is: their npm latest dist-tag points to an older Vue 2 major, so bumping would actually be a downgrade. They remain at the newest version on their Vue 3 line.
  • ✅ Production build (vite build + SSR) compiles successfully.
  • The committed production build in public/build/default is intentionally not included in this PR — it will be rebuilt separately.

Other

  • Fixed a case-sensitive import in ButtonGroupSeparator.vue (@/components@/Components). It worked on case-insensitive filesystems (macOS) but broke the production build on case-sensitive ones (Linux/CI).

Test plan

  • php artisan test — 200 passed, 7 skipped
  • npm run build — client + SSR build succeed

Backend (composer):
- Update all packages to the latest within existing constraints.
- spatie/laravel-permission ^7.0 -> ^8.0
- symfony/http-client and symfony/yaml ^7.0 -> ^8.0, aligning them with
  the Symfony 8 components Laravel 13 already pulls in.
- Full test suite passes (200 passed, 7 skipped).

Frontend (npm):
- Bump all upgradable packages to latest, including @inertiajs/vue3 3.5,
  vite 8.1, vue 3.5.39, tailwindcss 4.3, @tiptap/* 3.27, echarts 6.1,
  @vueuse/* 14.3, eslint 10.6 and a major bump of tsparticles /
  @tsparticles/vue3 to 4.x (API verified compatible).
- v-calendar and vuedraggable left untouched: their npm "latest" dist-tag
  points to an older Vue 2 major, so bumping would be a downgrade.
- Refresh the committed production build to match the upgraded packages.

Fix a case-sensitive import in ButtonGroupSeparator.vue (@/components ->
@/Components) that broke the production build on case-sensitive filesystems.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_012Kgrtbx5Pdfr5cpja8FoGa
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: fb84a82b-5f25-4ee4-86d2-6957286a3100

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

claude added 2 commits June 29, 2026 22:25
The previous commit was resolved on a PHP 8.4 host, which let composer
lock the Symfony 8 components (they require php >=8.4.1). CI and the
project's declared floor are PHP 8.3, so `composer install` failed on CI
with "lock file does not contain a compatible set of packages".

- Pin `config.platform.php` to 8.3.0 so the lock always resolves against
  the minimum supported PHP, regardless of the host running composer.
- Revert symfony/http-client and symfony/yaml back to ^7.0 (Symfony 8
  needs PHP 8.4+). The whole Symfony suite is back on 7.4.x.
- spatie/laravel-permission ^8.0 is kept (it supports PHP 8.3).
- laravel/framework resolves to 13.17.0.

Full test suite still passes (200 passed, 7 skipped).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_012Kgrtbx5Pdfr5cpja8FoGa
Revert the regenerated production build in public/build/default back to
develop's committed state. The frontend bundle will be rebuilt separately;
this PR keeps only the dependency upgrades and the source-level fixes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_012Kgrtbx5Pdfr5cpja8FoGa
@what-the-diff

what-the-diff Bot commented Jun 30, 2026

Copy link
Copy Markdown

PR Summary

  • Improved Cookie Handling
    Updated how we deal with a specific cookie named 'laravel_cookie_consent'. This cookie will no longer be encrypted, enhancing performance and debug capabilities when needed.

  • Software Upgrade
    The underlying support software spatie/laravel-permission has been upgraded to the newer version 8.0, which includes third-party improvements and enhances security & performance.

  • PHP Requirement Update
    We've now stipulated that our code requires at least PHP version 8.3.0 to run, ensuring that we take advantage of the latest features and stability improvements offered by this version of PHP.

  • Package Version Updates
    We've updated the versions of various software packages we use in our development, including graphical components and third-party web-related libraries. This will enhance overall function and performance. Some of these include @formkit/icons, @formkit/vue, and @inertiajs/vue3.

  • Code Refactoring
    The code for importing components in the file ButtonGroupSeparator.vue has been fine-tuned to align with case-sensitive directory paths, improving our code's interpretability and organization.

  • Added Cookie Consent Tests
    New tests have been added to verify the functionality of consent cookies—whether they are present and behaving correctly when certain features are toggled. This will increase our code's robustness and reliability.

@Xinecraft Xinecraft merged commit 191add4 into develop Jun 30, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants