Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates workspace and app dependencies to address direct vulnerability advisories, aligns shared catalog versions, and keeps the Next.js homepage theme demo compatible with the upgraded dependencies.
Changes:
- Bump workspace catalog/tooling versions (Storybook ecosystem, localflare, wrangler, workers types) and root pnpm version metadata
- Update Next.js homepage app dependencies (Next, OpenNext Cloudflare, eslint-config-next)
- Remove deprecated
@types/diffand adjust the theme demo page to avoid a stale config field
Reviewed changes
Copilot reviewed 6 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| pnpm-workspace.yaml | Aligns shared catalog dependency versions across the monorepo. |
| package.json | Updates pinned pnpm version and packageManager metadata. |
| apps/ottabase-template-app-tanstack/package.json | Removes deprecated @types/diff dependency. |
| apps/ottabase-template-app-nextjs-homepage/package.json | Upgrades Next/OpenNext-related dependencies for the homepage app. |
| apps/ottabase-template-app-nextjs-homepage/app/theme-demo/page.tsx | Adjusts theme demo display to use a supported config field. |
| README.md | Updates pnpm prerequisite and adds corepack setup instruction. |
| const { config } = useBrand(); | ||
| const themeName = config?.brandName || 'Current theme'; |
There was a problem hiding this comment.
Using || will replace valid falsy values (e.g., an intentionally-empty brandName of "") with the fallback. If the intent is only to fall back when the value is null/undefined, prefer nullish coalescing (??) or compute after the if (!config) guard and use config.brandName with ??.
| </div> | ||
|
|
||
| <h1 className="font-heading text-4xl font-bold text-foreground">Theme Demo: {config.themeBase}</h1> | ||
| <h1 className="font-heading text-4xl font-bold text-foreground">Theme Demo: {themeName}</h1> |
There was a problem hiding this comment.
Using || will replace valid falsy values (e.g., an intentionally-empty brandName of "") with the fallback. If the intent is only to fall back when the value is null/undefined, prefer nullish coalescing (??) or compute after the if (!config) guard and use config.brandName with ??.
|
|
||
| - **Node.js**: `>=24.0.0` | ||
| - **pnpm**: `>=10.0.0` | ||
| - **pnpm**: `10.32.1` |
There was a problem hiding this comment.
The README now pins pnpm to an exact version, but the repo metadata still allows a broader range (engines.pnpm is >=10.0.0). To avoid confusing setup instructions, consider aligning these: either keep README as a minimum requirement (and rely on packageManager for the exact version), or update engines.pnpm to match the documented/pinned version. Also, corepack enable pnpm enables pnpm but doesn’t ensure the specific pnpm version is activated; consider documenting the Corepack step that activates the repo’s packageManager version explicitly.
|
|
||
| ```bash | ||
| # Install | ||
| corepack enable pnpm |
There was a problem hiding this comment.
The README now pins pnpm to an exact version, but the repo metadata still allows a broader range (engines.pnpm is >=10.0.0). To avoid confusing setup instructions, consider aligning these: either keep README as a minimum requirement (and rely on packageManager for the exact version), or update engines.pnpm to match the documented/pinned version. Also, corepack enable pnpm enables pnpm but doesn’t ensure the specific pnpm version is activated; consider documenting the Corepack step that activates the repo’s packageManager version explicitly.
Summary
@types/diffand fix the Next theme demo to keep the upgraded build greenAffected packages/apps
apps/ottabase-template-app-nextjs-homepageapps/ottabase-template-app-tanstackpackage.json,pnpm-workspace.yaml,pnpm-lock.yaml,README.md)Testing
pnpm installpnpm --filter @ottabase/ottabase-template-app-nextjs-homepage buildpnpm --filter @ottabase/ottabase-template-app-nextjs-homepage test -- --runpnpm --filter @ottabase/ottabase-template-app-tanstack test -- --runpnpm audit --jsonpnpm outdated -r --no-tableNotes
pnpm --filter @ottabase/ottabase-template-app-nextjs-homepage type-checkpreviously failed on a staleconfig.themeBasereference inapp/theme-demo/page.tsx; this PR updates that page to use a supported field so the build/type-check path remains green.pnpm --filter @ottabase/ottabase-template-app-tanstack type-checkstill reports pre-existing repo issues unrelated to these dependency changes, so verification for that app relied on its passing Vitest suite instead.localflareand the TanStack app's Vite/esbuild chain, and were intentionally left out of this minimal safe tranche.