Skip to content

chore(deps): upgraded to latest dependencies#162

Merged
yeshamavani merged 4 commits intomasterfrom
GH-161
Apr 16, 2026
Merged

chore(deps): upgraded to latest dependencies#162
yeshamavani merged 4 commits intomasterfrom
GH-161

Conversation

@vinaygupta-sourcefuse
Copy link
Copy Markdown
Collaborator

@vinaygupta-sourcefuse vinaygupta-sourcefuse commented Apr 10, 2026

Description

This issue tracks upgrading all project dependencies to their latest stable versions.

Changes

  • Updated all dependencies and devDependencies to latest versions
  • Resolved version conflicts and peer dependency issues
  • Fixed breaking changes introduced by major version upgrades

Checklist:

  • Performed a self-review of my own code
  • npm test passes on your machine
  • New tests added or existing tests modified to cover all changes
  • Code conforms with the style guide
  • API Documentation in code was updated
  • Any dependent changes have been merged and published in downstream modules

Build Passed:

Screenshot 2026-04-10 at 11 39 12 AM

Test Passed:

Screenshot 2026-04-10 at 11 39 52 AM

@vinaygupta-sourcefuse vinaygupta-sourcefuse self-assigned this Apr 10, 2026
@vinaygupta-sourcefuse
chore(deps): upgraded to latest dependencies
49b260e 
upgraded to latest dependencies

GH-161
Tyagi-Sunny
Tyagi-Sunny reviewed Apr 13, 2026
View reviewed changes
Comment thread src/providers/authorization-metadata.provider.ts
yeshamavani
yeshamavani reviewed Apr 14, 2026
View reviewed changes
Comment thread package.json Outdated
"fs-extra": "^11.3.4",
"git-release-notes": "^5.0.0",
"husky": "^7.0.4",
"jsdom": "^21.0.0",
Copy link
Copy Markdown
Contributor

@yeshamavani yeshamavani Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

jsdom

Copy link
Copy Markdown
Collaborator Author

@vinaygupta-sourcefuse vinaygupta-sourcefuse Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'll update this in follow-up PR since it is a major version change.

Comment thread package.json Outdated
Comment on lines 58 to 71
"@loopback/boot": "^8.0.11",
"@loopback/build": "^12.0.10",
"@loopback/context": "^8.0.10",
"@loopback/eslint-config": "^16.0.1",
"@loopback/rest": "^15.0.4",
"@loopback/testlab": "^8.0.3",
"@semantic-release/changelog": "^6.0.1",
"@loopback/rest": "^15.0.11",
"@loopback/testlab": "^8.0.10",
"@semantic-release/changelog": "^6.0.3",
"@semantic-release/commit-analyzer": "^9.0.2",
"@semantic-release/git": "^10.0.1",
"@semantic-release/github": "^12.0.0",
"@semantic-release/npm": "^13.1.1",
"@semantic-release/github": "^12.0.6",
"@semantic-release/npm": "^13.1.5",
"@semantic-release/release-notes-generator": "^10.0.3",
"@types/lodash": "^4.14.181",
"@types/lodash": "^4.17.24",
"@types/node": "^18.11.9",
Copy link
Copy Markdown
Contributor

@yeshamavani yeshamavani Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please keep the packages at the same version in all the extensions
the versions @semantic-release packages look diff in all the extensions.

Copy link
Copy Markdown
Contributor

@yeshamavani yeshamavani Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@semantic-release/release-notes-generator

Copy link
Copy Markdown
Collaborator Author

@vinaygupta-sourcefuse vinaygupta-sourcefuse Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should i need to revert versions of all @semantic-release/ and what about
@semantic-release/release-notes-generator, need little clarification.

@vinaygupta-sourcefuse
chore(deps): upgraded to latest dependencies, comment resolved
11c49e5 
upgraded to latest dependencies, comment resolved

Gh-161
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 16, 2026

SonarQube reviewer guide

Summary: Update loopback4-authorization package dependencies and GitHub workflows with security patches and feature improvements across multiple framework packages.

Review Focus:

  • Significant version bumps for core LoopBack packages (@loopback/core, @loopback/rest, @loopback/boot) and semantic-release plugins (@semantic-release/commit-analyzer, @semantic-release/release-notes-generator)
  • Migration to newer versions of casbin (5.49.0) and simple-git (3.36.0) with potentially breaking API changes
  • Updated build tools including TypeScript (5.2.2 → 5.5.4) and nyc (17.1.0 → 18.0.0)
  • Downgrade of lodash (4.17.21 → 4.18.1) which appears unusual and should be verified

Start review at: package.json. This is where all dependency changes are declared and should be verified first to understand the scope of updates, particularly noting the unusual lodash downgrade and the major version changes in semantic-release plugins that may require config updates.

💬 Please send your feedback

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yeshamavani yeshamavani merged commit 87e8980 into master Apr 16, 2026
7 checks passed
@yeshamavani yeshamavani deleted the GH-161 branch April 16, 2026 06:40
@yeshamavani
Copy link
Copy Markdown
Contributor

yeshamavani commented Apr 16, 2026

🎉 This PR is included in version 8.1.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yeshamavani yeshamavani yeshamavani approved these changes

@Tyagi-Sunny Tyagi-Sunny Tyagi-Sunny approved these changes

Assignees

@vinaygupta-sourcefuse vinaygupta-sourcefuse

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vinaygupta-sourcefuse @yeshamavani @Tyagi-Sunny