Several production dependencies in arrows-ts (the deployed app) are significantly behind. Flagged by npm outdated:
High priority (breaking changes or security-relevant)
| Package |
Current |
Available |
Notes |
neo4j-driver |
5.8.1 |
5.28.3 / 6.0.1 |
6.x has breaking package name change; update to 5.28.x first |
redux |
4.2.1 |
5.0.1 |
Major — API changes, TypeScript-first rewrite |
redux-thunk |
2.4.2 |
3.1.0 |
Major — API changed in v3 |
react-redux |
8.0.5 |
9.3.0 |
Major — requires Redux 5 |
Minor / patch (low risk)
| Package |
Current |
Available |
graphql |
16.6.0 |
16.14.0 |
redux-undo |
1.0.1 |
1.1.0 |
semantic-ui-react |
2.1.4 |
2.1.5 |
js-base64 |
3.7.5 |
3.7.8 |
memoizee |
0.4.15 |
0.4.17 |
react-from-dom |
0.6.2 |
0.7.5 |
Suggested approach
- Apply the low-risk patch/minor bumps first (separate PR, low blast radius).
- Update
neo4j-driver to 5.28.x (compatible with existing ^5 range).
- Evaluate
redux 5 + redux-thunk 3 + react-redux 9 together — they must be upgraded in lockstep.
Note: react 19, typescript 6, and vite 8 are major upgrades with wider blast radius — out of scope here.
Several production dependencies in
arrows-ts(the deployed app) are significantly behind. Flagged bynpm outdated:High priority (breaking changes or security-relevant)
neo4j-driverreduxredux-thunkreact-reduxMinor / patch (low risk)
graphqlredux-undosemantic-ui-reactjs-base64memoizeereact-from-domSuggested approach
neo4j-driverto 5.28.x (compatible with existing^5range).redux5 +redux-thunk3 +react-redux9 together — they must be upgraded in lockstep.Note:
react19,typescript6, andvite8 are major upgrades with wider blast radius — out of scope here.