Skip to content

Bump dependencies and related bug fixes #95

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
k0d13 merged 6 commits into from
Jul 16, 2025
Merged

Bump dependencies and related bug fixes #95

k0d13 merged 6 commits into from
Jul 16, 2025

Conversation

@k0d13
Copy link
Owner

@k0d13 k0d13 commented Jul 16, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

New Features

  • Improved integration of Tailwind CSS with the build toolchain, including optimised CSS handling and dependency tracking.

Bug Fixes

  • User-facing error messages in the Discord bot are now consistently ephemeral, visible only to the user.
  • Minor punctuation and linting directive corrections across the website.

Refactor

  • Updated internal naming conventions and interaction IDs for Discord bot components and modals.
  • Reorganised and clarified event handling in several website and bot components.
  • Enhanced export visibility for several namespaces in website components.

Chores

  • Upgraded numerous dependencies across browser extension, Discord bot, website, and shared packages for improved stability and performance.
  • Updated workspace configuration to manage and allow patched dependencies.

@vercel
Copy link

vercel bot commented Jul 16, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
evaluate ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jul 16, 2025 11:20pm

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jul 16, 2025
edited
Loading

Walkthrough

This update encompasses dependency upgrades across multiple packages and apps, refactors several custom Vite plugins, and introduces minor code and configuration cleanups. Notably, it replaces the removeImportAttributes Vite plugin with the new replaceJsonImports, updates Discord bot interaction IDs, and exports several TypeScript namespaces for broader accessibility.

Changes

Files/Paths Change Summary
apps/browser-extension/package.json, apps/discord-bot/package.json, apps/website/package.json, packages/components/package.json, packages/hooks/package.json, packages/shapes/package.json, packages/styles/package.json, package.json Upgraded various dependencies and devDependencies, including Babel, Tailwind, Zod, React types, and others. No changes to scripts or exports.
apps/browser-extension/vite-plugins.ts, apps/browser-extension/vite.config.chrome.ts, apps/browser-extension/vite.config.firefox.ts Replaced the removeImportAttributes plugin with the new replaceJsonImports plugin, which now parses and replaces JSON imports with inline JSON content using AST transformations. Updated plugin usage in Vite configs.
apps/browser-extension/src/background/index.ts Added a comment about future refactoring for runtime file name handling. No logic changes.
apps/browser-extension/src/content-script/execution/index.tsx Simplified the Execution component's function signature to a single-line destructuring with inline type annotation.
apps/discord-bot/src/commands/evaluate.ts Removed unused class properties components and modals from EvaluateCommand. Cleaned up imports.
apps/discord-bot/src/components/edit-evaluation-button.ts, apps/discord-bot/src/components/evaluate-modal.ts, apps/discord-bot/src/handlers/evaluate.ts Updated all custom interaction IDs from colon (:) to comma (,), e.g., 'evaluate:new''evaluate,new'. Ensured ephemeral responses for errors and lookup failures.
apps/discord-bot/src/events/application-authorised.ts Changed base class to ApplicationAuthorizedListener, removed explicit type property, and simplified event handling logic.
apps/discord-bot/src/index.ts, apps/discord-bot/src/services/discord.ts Refactored to use the discord service instead of client, exporting the client instance or null. Registered additional UI components and modals.
apps/discord-bot/src/utilities/session-context.ts Expanded getUserContext to accept both APIUser and User types, extracting raw data when needed.
apps/website/next.config.js, apps/website/src/app/(products)/products/browser-extension/page.tsx, apps/website/src/app/(products)/products/discord-bot/page.tsx, apps/website/src/components/material-icon.tsx Added comments to disable or explain lint rules, especially for <img> usage and known Next.js bugs.
apps/website/src/app/(editor)/playgrounds/[playground]/wrapper/mobile.tsx, apps/website/src/components/header/index.tsx Removed stopPropagation() event handlers from certain wrapper divs, allowing event bubbling.
apps/website/src/app/(playgrounds)/playgrounds/playground-card.tsx Reformatted the function signature for multiline clarity; import order adjusted.
apps/website/src/components/editor/execute-bar/index.tsx Reorganized mutation logic to the top of the component and updated dependency arrays for hooks.
apps/website/src/components/editor/opened-files/button.tsx, apps/website/src/components/explorer/file/item.tsx, apps/website/src/components/explorer/folder/item.tsx, apps/website/src/components/explorer/name.tsx, apps/website/src/components/terminal/index.tsx Changed several namespaces to export namespace for broader access. Removed unnecessary role="button" attributes or wrappers.
apps/website/src/components/explorer/use.tsx, apps/website/src/hooks/local-storage.ts Clarified comments for lint disables and hook dependencies. No logic changes.
apps/website/src/components/providers.tsx Added a blank line for formatting.
packages/components/src/button.tsx, packages/components/src/select.tsx, packages/engine/src/execute/arguments.ts Reordered import statements for style or clarity.
packages/components/src/form.tsx Added explicit type annotation to exported Form constant.
packages/helpers/src/create-logger/hex-to-ansi.ts Removed a lint-disable comment. No logic changes.
packages/hooks/src/event-callback.ts Changed useCallback dependency array to [], making the callback stable. Removed lint-disable comment.
packages/styles/src/styles.css Simplified Tailwind CSS import statement.
biome.json Overhauled configuration: switched to includes with negations, added formatter options, restructured linter rules, and moved import organization settings. Removed CSS formatter/linter disablement.
pnpm-workspace.yaml Declared a patch for @tailwindcss/[email protected] and enabled unused patches.
patches/@[email protected] Introduced a custom patch for Tailwind CSS integration with Vite, adding caching, dependency tracking, and source map support via new plugin logic.

Sequence Diagram(s)

sequenceDiagram
    participant Vite as Vite Build
    participant Plugin as replaceJsonImports Plugin
    participant FS as File System

    Vite->>Plugin: Encounters import of JSON file
    Plugin->>FS: Reads JSON file content
    Plugin->>Plugin: Parses & replaces import with inline JSON AST node
    Plugin-->>Vite: Returns transformed code
Loading

Possibly related PRs

  • apteryxxyz/Evaluate#88: Previous dependency bump for apps/browser-extension/package.json, related through similar dependency updates.
  • apteryxxyz/Evaluate#87: Introduced the original removeImportAttributes plugin, which this PR now replaces and refactors.

Suggested labels

apps:browser-extension, apps:discord-bot, apps:website, dependencies, packages:components, packages:hooks

Poem

A rabbit hopped through code so neat,
Upgrading packages, a tidy feat.
Plugins swapped and patches made,
Linting rules now well displayed.
Namespaces exported, imports in line—
With every hop, the code grows fine!
🐇✨

✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot requested changes Jul 16, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 8

🔭 Outside diff range comments (1)
apps/website/src/hooks/local-storage.ts (1)

140-144: readValue is missing from the useEffect dependency list

Omitting readValue (or its internal deps) risks stale reads when options, initialValue, or deserializer change, because readValue is recreated via useCallback. The linter-ignore hides a real risk rather than a purely stylistic warning.

-// biome-ignore lint/correctness/useExhaustiveDependencies: _
-useEffect(() => {
-  setStoredValue(readValue());
-}, [key]);
+useEffect(() => {
+  setStoredValue(readValue());
+  // eslint-disable-next-line react-hooks/exhaustive-deps
+}, [key, readValue]);

Alternatively, memoise options upstream so readValue remains referentially stable, then keep [key] only.

♻️ Duplicate comments (4)
apps/website/src/app/(products)/products/browser-extension/page.tsx (4)

53-59: Reiteration of the previous comment for the Edge icon.

73-79: Reiteration of the previous comment for the Opera icon.

93-99: Reiteration of the previous comment for the Brave icon.

114-120: Reiteration of the previous comment for the Firefox icon.

🧹 Nitpick comments (8)
packages/helpers/src/create-logger/hex-to-ansi.ts (1)

24-36: Avoid rebuilding the 256-colour palette on every call

closestAnsiColour recreates the Xterm 256-colour table each invocation (16 base + 216 cube + 24 greyscale). When called frequently (e.g., per-line logging), this allocates ~256 tuples and performs ~216 + 24 pushes every time, which is unnecessary GC churn.

Consider computing the palette once at module load:

-  const colours = [
-    /* 16 base colours … */
-  ] as [number, number, number][];
-
-  // Add 6x6x6 cube colours
-  for (let r1 = 0; r1 < 6; r1++)
-    for (let g1 = 0; g1 < 6; g1++)
-      for (let b1 = 0; b1 < 6; b1++)
-        colours.push([ /* … */ ]);
-
-  // Add greyscale colours
-  for (let i = 0; i < 24; i++)
-    colours.push([ /* … */ ]);
+  const colours = buildPalette(); // memoised outside the function

+function buildPalette(): [number, number, number][] {
+  const out: [number, number, number][] = [
+    /* 16 base colours … */
+  ];
+  // build cube + greyscale …
+  return out;
+}

This reduces per-call overhead to O(256) arithmetic without repeated allocations.

apps/website/src/app/(products)/products/discord-bot/page.tsx (1)

25-30: Prefer next/image over plain <img> for better performance

Disabling the Biome rule works, but you lose automatic optimisation (lazy-loading, responsive sizing, src-set generation, etc.) provided by next/image. Unless next/image is infeasible (e.g. the remote domain isn’t in images.remotePatterns), consider switching:

-{/** biome-ignore lint/performance/noImgElement: Want to use img */}
-<img
-  src="https://assets-global.website-files.com/6257adef93867e50d84d30e2/636e0a6a49cf127bf92de1e2_icon_clyde_blurple_RGB.png"
-  className="w-6"
-  alt="Discord Logo"
-/>
+{/* eslint-disable-next-line @next/next/no-img-element */}
+<Image
+  src="https://assets-global.website-files.com/6257adef93867e50d84d30e2/636e0a6a49cf127bf92de1e2_icon_clyde_blurple_RGB.png"
+  width={24}
+  height={24}
+  alt="Discord Logo"
/>

If keeping <img>, at least add explicit width and height attributes to avoid layout shift.

apps/website/src/components/material-icon.tsx (1)

22-24: Explicit size attributes help CLS when opting out of next/image

Since you’re intentionally using <img>, add fixed width/height (or width={16} height={16} given .size-4) to prevent cumulative layout shift and appease Core Web Vitals.

apps/website/src/app/(products)/products/browser-extension/page.tsx (1)

30-36: Consider next/image (or at least fixed dimensions) for the Chrome icon

Same rationale as the Discord-bot page: next/image yields better perf, fallback is explicit width/height.

apps/website/src/components/explorer/folder/item.tsx (1)

87-88: Good structural cleanup with minor text improvement needed

The removal of wrapper divs and direct use of asChild improves the component structure. However, the screen reader text should reflect that this is a folder, not a file.

-                <span className="sr-only">Rename File</span>
+                <span className="sr-only">Rename Folder</span>
-                <span className="sr-only">Delete File</span>
+                <span className="sr-only">Delete Folder</span>

Also applies to: 99-100

apps/website/src/components/providers.tsx (1)

21-25: Style: constant should live above imports

The blank line forces the import block to start mid-file, which is atypical. Consider moving MAX_RETRIES/HTTP_STATUS_TO_NOT_RETRY below the import section to keep file structure conventional (imports → constants → components).

apps/browser-extension/src/background/index.ts (1)

72-72: Good documentation of future improvement.

The TODO comment clearly identifies a limitation where the filename is hardcoded instead of using a runtime-specific default. This helps track technical debt for future enhancement.

Would you like me to create an issue to track this TODO item for implementing the runtime default filename function?

apps/website/src/components/editor/execute-bar/index.tsx (1)

49-49: Minor typo in comment

The comment has a grammatical error.

-  // biome-ignore lint/correctness/useExhaustiveDependencies: Once trigger once
+  // biome-ignore lint/correctness/useExhaustiveDependencies: Only trigger once
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 28c0b67 and f6d1b36.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (47)
  • apps/browser-extension/package.json (1 hunks)
  • apps/browser-extension/src/background/index.ts (1 hunks)
  • apps/browser-extension/src/content-script/execution/index.tsx (1 hunks)
  • apps/browser-extension/vite-plugins.ts (3 hunks)
  • apps/browser-extension/vite.config.chrome.ts (1 hunks)
  • apps/browser-extension/vite.config.firefox.ts (1 hunks)
  • apps/discord-bot/package.json (1 hunks)
  • apps/discord-bot/src/commands/evaluate.ts (1 hunks)
  • apps/discord-bot/src/components/edit-evaluation-button.ts (1 hunks)
  • apps/discord-bot/src/components/evaluate-modal.ts (2 hunks)
  • apps/discord-bot/src/events/application-authorised.ts (1 hunks)
  • apps/discord-bot/src/handlers/evaluate.ts (5 hunks)
  • apps/discord-bot/src/index.ts (4 hunks)
  • apps/discord-bot/src/services/discord.ts (3 hunks)
  • apps/discord-bot/src/utilities/session-context.ts (2 hunks)
  • apps/website/next.config.js (1 hunks)
  • apps/website/package.json (1 hunks)
  • apps/website/src/app/(editor)/playgrounds/[playground]/wrapper/mobile.tsx (2 hunks)
  • apps/website/src/app/(playgrounds)/playgrounds/playground-card.tsx (2 hunks)
  • apps/website/src/app/(products)/products/browser-extension/page.tsx (5 hunks)
  • apps/website/src/app/(products)/products/discord-bot/page.tsx (1 hunks)
  • apps/website/src/components/editor/execute-bar/index.tsx (2 hunks)
  • apps/website/src/components/editor/opened-files/button.tsx (1 hunks)
  • apps/website/src/components/explorer/file/item.tsx (3 hunks)
  • apps/website/src/components/explorer/folder/item.tsx (3 hunks)
  • apps/website/src/components/explorer/name.tsx (1 hunks)
  • apps/website/src/components/explorer/use.tsx (2 hunks)
  • apps/website/src/components/header/index.tsx (1 hunks)
  • apps/website/src/components/material-icon.tsx (1 hunks)
  • apps/website/src/components/providers.tsx (1 hunks)
  • apps/website/src/components/terminal/index.tsx (2 hunks)
  • apps/website/src/hooks/local-storage.ts (2 hunks)
  • biome.json (1 hunks)
  • package.json (1 hunks)
  • packages/components/package.json (1 hunks)
  • packages/components/src/button.tsx (1 hunks)
  • packages/components/src/form.tsx (1 hunks)
  • packages/components/src/select.tsx (1 hunks)
  • packages/engine/src/execute/arguments.ts (1 hunks)
  • packages/helpers/src/create-logger/hex-to-ansi.ts (1 hunks)
  • packages/hooks/package.json (1 hunks)
  • packages/hooks/src/event-callback.ts (1 hunks)
  • packages/shapes/package.json (1 hunks)
  • packages/styles/package.json (1 hunks)
  • packages/styles/src/styles.css (1 hunks)
  • patches/@[email protected] (1 hunks)
  • pnpm-workspace.yaml (1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (5)
apps/website/src/components/editor/opened-files/button.tsx (2)
apps/website/src/components/explorer/file/item.tsx (1)
  • Props (19-22)
apps/website/src/components/explorer/name.tsx (1)
  • Props (21-25)
apps/website/src/components/explorer/file/item.tsx (4)
apps/website/src/components/editor/opened-files/button.tsx (1)
  • Props (11-14)
apps/website/src/components/explorer/folder/item.tsx (1)
  • Props (27-29)
apps/website/src/components/explorer/name.tsx (1)
  • Props (21-25)
apps/website/src/components/terminal/index.tsx (1)
  • Props (24-26)
apps/browser-extension/vite.config.firefox.ts (1)
apps/browser-extension/vite-plugins.ts (1)
  • replaceJsonImports (50-86)
apps/website/src/components/editor/execute-bar/index.tsx (3)
apps/website/src/components/terminal/use.tsx (1)
  • useTerminal (22-26)
packages/engine/src/execute/fetch.ts (1)
  • executeCode (17-60)
packages/components/src/toast.tsx (1)
  • toast (31-31)
apps/discord-bot/src/events/application-authorised.ts (2)
apps/discord-bot/src/services/posthog.ts (1)
  • captureEvent (35-108)
apps/discord-bot/src/utilities/session-context.ts (1)
  • getUserContext (22-30)
🔇 Additional comments (61)
apps/website/src/hooks/local-storage.ts (1)

4-5: Import change looks good

Re-ordering to group all React imports together keeps things consistent with common style guides.

apps/website/src/components/header/index.tsx (1)

136-136: Good change to improve event propagation.

Removing the event handlers from this div allows events to properly bubble up to the SheetBody's onClick handler at line 134, which maintains the intended sheet closing behaviour whilst improving event flow consistency.

apps/website/src/app/(editor)/playgrounds/[playground]/wrapper/mobile.tsx (1)

23-23: Good improvement to event propagation.

Removing the event handlers from these divs allows events to properly bubble up to the SheetBody onClick handlers, maintaining the intended sheet closing behaviour whilst improving event flow consistency with the header component changes.

Also applies to: 35-35

apps/website/src/components/editor/opened-files/button.tsx (1)

10-16: LGTM: Namespace export enables external type access

Exporting the namespace makes the Props interface available for external consumption, which is consistent with the pattern applied across other components in this PR.

apps/website/src/components/terminal/index.tsx (1)

23-27: LGTM: Namespace export for external accessibility

Exporting the namespace follows the consistent pattern applied across components in this PR.

apps/website/src/components/explorer/name.tsx (1)

20-26: LGTM: Consistent namespace export pattern

The namespace export aligns with the coordinated changes across explorer components, enabling external access to type definitions.

apps/website/src/components/explorer/file/item.tsx (2)

18-24: LGTM: Namespace export for type accessibility

Consistent with the pattern across explorer components to enable external access to Props interfaces.

61-64: Good cleanup: Removed redundant role attributes

Removing role="button" from the div wrappers is correct since the Button component with asChild prop already provides the proper button semantics. This eliminates redundant ARIA declarations.

Also applies to: 75-78

apps/website/src/components/explorer/folder/item.tsx (1)

26-30: LGTM: Consistent namespace export

Follows the established pattern across explorer components for external type access.

packages/hooks/package.json (1)

18-20: Dependency bump looks good

The dev-dependency upgrade to @types/react@^19.1.8 is non-breaking and keeps versions in sync with the other packages. No further action needed.

packages/shapes/package.json (1)

18-20: Major-version upgrade of zod needs validation

Jumping from 3.x4.0.5 is a breaking change. Please run the full type-check/test suite (or at least grep for removed APIs such as ZodOptionalType._def) to confirm no runtime or typing regressions were introduced.

packages/components/src/select.tsx (1)

5-10: Minor import reorder only

Swapping ChevronsUpDownIcon and ChevronUpIcon has no functional impact. All usages still compile.

packages/engine/src/execute/arguments.ts (1)

1-1: Import re-ordering is harmless

Re-ordering longShortStrategy ahead of Parser is style-only and still aligns with usage below.

packages/components/src/button.tsx (1)

2-2: LGTM! Import reordering looks good.

This cosmetic change improves consistency by placing runtime imports before type-only imports.

package.json (2)

20-20: LGTM! Safe @types/node patch update.

The @types/node update from ^22.14.1 to ^22.16.4 is a safe patch version bump.

18-18: Safe upgrade: Biome v2.1.1 compatibility verified

The existing biome.json schema and CLI commands remain unchanged under v2.1.1, and your lint/format scripts continue to work as expected.

biome.json found and references the v2 schema
pnpm biome check --help lists the same flags and usage
lint & format scripts in package.json still invoke biome check . --write without errors

No further changes needed.

packages/styles/package.json (1)

11-12: LGTM! Safe dependency version bumps.

Both dependency updates follow semantic versioning:

  • tailwindcss patch update (^4.1.4 → ^4.1.11) should be backwards compatible
  • tw-animate-css minor update (^1.2.5 → ^1.3.5) maintains API compatibility

These align well with the coordinated Tailwind updates across the monorepo mentioned in the AI summary.

packages/hooks/src/event-callback.ts (1)

23-25: LGTM! Correct performance optimisation.

Changing the dependency array from [ref] to [] is a valid optimisation. The ref object returned by useRef is stable across renders, and since the callback accesses ref.current at call time (not creation time), there's no need to recreate the callback when the ref object changes.

This eliminates unnecessary callback recreations while maintaining the same functionality.

apps/discord-bot/package.json (4)

21-21: LGTM! Safe minor version bump for @buape/carbon.

The update from 0.7.0 to 0.9.0 is a minor version change that should maintain backwards compatibility.

25-25: LGTM! Safe minor version bump for @t3-oss/env-core.

The update from ^0.12.0 to ^0.13.8 follows semantic versioning and should be backwards compatible.

27-27: LGTM! Safe patch version bump for es-toolkit.

The update from ^1.34.1 to ^1.39.7 is a patch version change that should be safe.

28-29: Verify API compatibility for posthog-node v5 and Zod v4

apps/discord-bot/package.json:

    "posthog-node": "^5.5.1",
    "zod": "4.0.5"

Key areas to double-check:

  • services/posthog.ts
    • Instantiation: new PostHog(env.POSTHOG_KEY!, { host, flushAt, flushInterval, persistence })
    • Method calls: posthog.capture(...) and posthog.shutdown()
    Confirm these options and methods haven’t been renamed or removed in v5.

  • apps/discord-bot/src/env.ts (via createEnv)
    • Schema definitions: z.url().transform(...), z.string().optional(), .array(), etc.
    Ensure these Zod v4 APIs still behave as expected when parsing runtime and server env variables.

packages/components/src/form.tsx (1)

16-16: Excellent type safety improvement!

Adding the explicit type annotation ensures Form maintains the exact same type as FormProvider, preventing potential type drift and making the type relationship explicit. This is a solid defensive programming practice.

packages/components/package.json (1)

19-40: Run vulnerability audit with a lockfile in place

  • packages/components/package.json
    • @radix-ui/[email protected] and @radix-ui/[email protected] were last modified on 10 July 2025 (recent stable releases).
    [email protected] peer-dependency supports React ^16.8.0 – ^19, so React ^19.1.0 is compatible.
  • No lockfile detected, so npm audit could not run.

Action: Commit your lockfile (package-lock.json or yarn.lock) and re-run npm audit --audit-level moderate to ensure there are no known vulnerabilities before merging.

apps/website/src/app/(playgrounds)/playgrounds/playground-card.tsx (2)

16-16: Good import organisation improvement.

Reordering the import to place the type import after the function import improves readability and follows common TypeScript conventions.

29-32: Nice readability improvement with multiline props type.

Converting the inline props type to a multiline object type annotation significantly improves readability, especially for components with multiple props. This is a great formatting choice.

apps/website/package.json (1)

14-65: All dependency updates are compatible.

  • No peer dependency warnings were reported.
  • React (^19.1.0) satisfies @tanstack/react-query’s ^18 || ^19 requirement.
  • @uiw/react-codemirror’s peer deps (React ≥16.8.0, React-DOM ≥16.8.0) are met.
  • Next.js is correctly pinned at 15.3.5 per the config’s “15.4.x bug” note.

No further action required.

apps/website/next.config.js (1)

1-2: Next.js issue #81628 is still open
The referenced GitHub issue remains open, so retaining the TODO comment and locking the version is appropriate. We can revisit and remove this TODO once the issue is resolved.

apps/website/src/components/explorer/use.tsx (1)

33-33: Good improvement to code documentation.

The updated biome-ignore comments provide clearer context for why exhaustive dependencies are intentionally omitted in these hooks, improving code readability and maintainability.

Also applies to: 103-103

biome.json (4)

3-11: Improved file inclusion pattern.

The change from ignore patterns to explicit includes with negations provides clearer control over which files are processed by biome.

24-41: Well-organised linter rule structure.

The categorisation of linter rules into specific groups (a11y, complexity, correctness, etc.) improves maintainability and makes it easier to understand which rules are configured.

43-49: Correct placement for organizeImports setting.

Moving organizeImports to assist.actions.source with the value "on" aligns with the proper biome configuration schema.

17-18: Verify “expand”: “auto” support in your Biome version

I wasn’t able to find the "expand" option in any of the local Biome JSON schemas under node_modules. Before merging, please:

  • Confirm your installed Biome version (npx biome --version) and check its official docs or changelog for the "expand" formatter setting
  • If it isn’t supported, remove the "expand": "auto" entry or upgrade Biome to a version that introduces it
packages/styles/src/styles.css (1)

1-1: Simplified Tailwind CSS import aligns with build updates.

Removing the source(none) directive is consistent with the build tooling improvements mentioned in the PR. The updated Vite plugins should handle Tailwind imports properly without this directive.

apps/browser-extension/vite.config.chrome.ts (1)

10-10: Appropriate plugin replacement for improved JSON import handling.

The replacement of removeImportAttributes with replaceJsonImports aligns with the build tooling improvements in this PR. The new plugin should provide better handling of JSON imports by inlining content rather than just removing attributes.

Also applies to: 16-16

apps/discord-bot/src/components/edit-evaluation-button.ts (1)

9-9: LGTM: Custom ID separator updated consistently.

The change from colon to comma separator in the custom ID aligns with the broader standardisation effort across the Discord bot components.

apps/browser-extension/vite.config.firefox.ts (1)

10-10: LGTM: Plugin upgrade improves JSON import handling.

The replacement of removeImportAttributes with replaceJsonImports is a good improvement. The new plugin uses proper AST parsing instead of regex manipulation, making it more robust and maintainable.

Also applies to: 16-16

apps/discord-bot/src/components/evaluate-modal.ts (1)

14-14: LGTM: Custom ID separators updated consistently.

Both modal classes have been updated to use comma separators instead of colons, maintaining consistency with the broader Discord bot component standardisation effort.

Also applies to: 47-47

apps/discord-bot/src/commands/evaluate.ts (1)

9-9: LGTM: Component registration centralised properly.

Removing the unused imports simplifies the command class and aligns with the refactoring that centralises component registration in the Discord service layer.

apps/discord-bot/src/services/discord.ts (4)

3-7: LGTM - Clean component imports

The addition of UI component imports aligns well with the service restructuring to centralise component registration.

32-32: LGTM - Proper component registration

Adding EditEvaluationButton to the components array follows the correct Carbon framework pattern for UI component registration.

39-39: LGTM - Service export refactoring

Exporting the client instance directly instead of a boolean flag provides better encapsulation and simplifies usage in the main handler.

36-37: Verify null safety for modal registration

The modal registration loop doesn't check if client is null before calling modalHandler.registerModal(), which could cause runtime errors when Discord environment variables are missing.

Apply this diff to add proper null safety:

-for (const modal of [new EvaluateModal(), new EvaluateModalEdit()])
-  client?.modalHandler.registerModal(modal);
+if (client) {
+  for (const modal of [new EvaluateModal(), new EvaluateModalEdit()])
+    client.modalHandler.registerModal(modal);
+}

Likely an incorrect or invalid review comment.

apps/browser-extension/package.json (2)

30-30: No further zod v4 changes required

All zod usage in apps/browser-extension/src/env.ts has been updated to v4 (importing from ‘zod/v4’ and using z.url(), z.string().min(1).optional(), etc.). No other zod imports or parsing calls were found in the extension. No breaking‐change fixes are needed.

21-21: @t3-oss/env-core 0.13.8 compatibility verified

The only breaking change in the 0.13.x line is that validators must now implement the Standard Schema interface (instead of Zod-only). Since your code still uses Zod v4 schemas with createEnv exactly as before, it continues to work without modification.

• apps/browser-extension/src/env.ts: continues to import Zod and call createEnv({ … })—no update needed.

apps/browser-extension/src/content-script/execution/index.tsx (1)

8-8: LGTM - Clean parameter declaration

The consolidation of the function parameter destructuring and type annotation to a single line improves readability whilst maintaining the same functionality and type safety.

apps/discord-bot/src/utilities/session-context.ts (1)

22-22: LGTM - Flexible parameter typing

Expanding the parameter type to support both raw API data and wrapped User instances provides good flexibility for the updated @buape/carbon integration.

apps/discord-bot/src/index.ts (3)

2-4: LGTM - Explicit .js extensions

Adding explicit .js extensions to imports improves ES module compatibility and aligns with modern JavaScript standards.

7-7: LGTM - Consistent service reference

The update to use the discord service reference aligns well with the service restructuring in discord.ts.

52-52: Verify external eventHandler.handleEvent signature
I couldn’t find a local definition of handleEvent—it’s provided by the @buape/carbon Client. Please confirm that in the version you’re using, eventHandler.handleEvent accepts two arguments (event, event.type).
• Ensure the Client (from @buape/carbon) eventHandler.handleEvent method signature matches this call
• If it only accepts one parameter, update the call or upgrade the library accordingly

apps/discord-bot/src/handlers/evaluate.ts (3)

27-27: Consistent interaction ID format update

The change from colon (:) to comma (,) separators in custom IDs aligns with the broader refactoring across the Discord bot components.

Also applies to: 30-30, 37-37, 41-41

74-74: Verify the reflection pattern usage

The use of Reflect.set to modify the interaction's custom_id is unconventional. This modifies the raw data object directly, which could have unintended side effects.

Consider using a more explicit approach or documenting why this reflection pattern is necessary here.

83-92: Good addition of ephemeral flags for error messages

Adding MessageFlags.Ephemeral to error responses ensures that error messages are only visible to the user who triggered the interaction, preventing unnecessary clutter in the channel.

apps/website/src/components/editor/execute-bar/index.tsx (2)

57-87: Good code organisation improvement

Moving the mutation setup closer to the component top improves readability by grouping related state management logic together.

123-123: Correct dependency array update

Adding mutate to the dependency array ensures the callback is updated when the mutation function changes, preventing potential stale closures.

apps/discord-bot/src/events/application-authorised.ts (3)

2-3: Improved type safety with specific listener class

Using the specific ApplicationAuthorizedListener base class instead of generic Listener provides better type safety and removes the need for explicit type declaration.

Also applies to: 9-9

11-11: Correct TypeScript syntax for indexed types

The change from angle brackets to square brackets is the correct TypeScript syntax for accessing indexed types.

13-22: Verify ApplicationAuthorisedListener conditions

Please double-check that the new data.guild and data.user properties exactly correspond to the previous integration_type values for the ApplicationAuthorized webhook payload. Confirm in the ListenerEventData[ApplicationWebhookEventType.ApplicationAuthorized] definition (from @buape/carbon) that:

  • data.guild is present only when the install is a guild integration
  • data.user is present only when the install is a user integration

If those mappings hold true, the refactored condition is safe to approve.

apps/browser-extension/vite-plugins.ts (2)

1-2: Required imports for file operations

The addition of Node.js fs and path modules is necessary for the new JSON file reading functionality.

Also applies to: 6-6

23-25: AST parsing configuration update

Good addition of required Babel plugins for parsing modern JavaScript/TypeScript syntax.

patches/@[email protected] (1)

6-7: Defensive optional chaining for css.devSourcemap

The devSourcemap flag in @tailwindcss/vite controls whether CSS source maps are generated in development builds. Because users may not define a css block in their Vite config (leaving config.css undefined), adding ?. ensures we don’t throw if css isn’t present.

• File: patches/@[email protected]
• Lines: 6–7 (changed e?.css.devSourcemap to e?.css?.devSourcemap)

This change is appropriate and can be merged.

k0d13
k0d13 commented Jul 16, 2025
View reviewed changes
@k0d13 @coderabbitai
Apply suggestions from code review
9c80648 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
coderabbitai[bot]
coderabbitai bot requested changes Jul 16, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

♻️ Duplicate comments (1)
apps/browser-extension/vite-plugins.ts (1)

69-70: Path validation implementation looks good.

The security validation follows the user's preferred formatting style without braces and provides appropriate protection against path traversal attacks.

🧹 Nitpick comments (1)
apps/browser-extension/vite-plugins.ts (1)

47-49: Update the JSDoc comment to match the implementation.

The comment mentions "JSON imports with attributes" but the implementation handles any JSON imports, not specifically those with import attributes.

-/**
- * Vite plugin to inline JSON imports with attributes as const declarations.
- */
+/**
+ * Vite plugin to inline JSON imports as const declarations.
+ */
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f6d1b36 and 9c80648.

📒 Files selected for processing (3)
  • apps/browser-extension/vite-plugins.ts (3 hunks)
  • apps/website/src/app/(editor)/playgrounds/[playground]/wrapper/mobile.tsx (2 hunks)
  • apps/website/src/components/terminal/index.tsx (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
  • apps/website/src/components/terminal/index.tsx
  • apps/website/src/app/(editor)/playgrounds/[playground]/wrapper/mobile.tsx
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings 
Learnt from: apteryxxyz
PR: apteryxxyz/Evaluate#95
File: apps/browser-extension/vite-plugins.ts:69-69
Timestamp: 2025-07-16T23:10:33.941Z
Learning: In the Evaluate codebase, apteryxxyz prefers to let errors throw naturally in internal Vite plugins rather than adding explicit error handling, as it's acceptable for development tooling to fail fast and surface errors clearly.

Learnt from: apteryxxyz
PR: apteryxxyz/Evaluate#95
File: apps/browser-extension/vite-plugins.ts:50-86
Timestamp: 2025-07-16T23:10:36.498Z
Learning: User apteryxxyz prefers if statements without braces when there's a single statement, formatting them as:
if (condition)
  statement;
instead of using curly braces around the statement.
apps/browser-extension/vite-plugins.ts (3) 
Learnt from: apteryxxyz
PR: apteryxxyz/Evaluate#95
File: apps/browser-extension/vite-plugins.ts:69-69
Timestamp: 2025-07-16T23:10:33.941Z
Learning: In the Evaluate codebase, apteryxxyz prefers to let errors throw naturally in internal Vite plugins rather than adding explicit error handling, as it's acceptable for development tooling to fail fast and surface errors clearly.

Learnt from: apteryxxyz
PR: apteryxxyz/Evaluate#95
File: packages/helpers/src/create-logger/hex-to-ansi.ts:40-45
Timestamp: 2025-07-16T23:10:34.848Z
Learning: The maintainer apteryxxyz is okay with using the comma operator in conditional statements like `if (condition) (assignment1), (assignment2);` in the Evaluate codebase, as seen in packages/helpers/src/create-logger/hex-to-ansi.ts.

Learnt from: apteryxxyz
PR: apteryxxyz/Evaluate#95
File: apps/browser-extension/vite-plugins.ts:50-86
Timestamp: 2025-07-16T23:10:36.498Z
Learning: User apteryxxyz prefers if statements without braces when there's a single statement, formatting them as:
if (condition)
  statement;
instead of using curly braces around the statement.
🔇 Additional comments (3)
apps/browser-extension/vite-plugins.ts (3)

1-2: LGTM: Clean import additions for new functionality.

The addition of Node.js filesystem imports and namespace import for Babel types properly supports the new JSON inlining functionality.

Also applies to: 6-6, 8-8

23-36: LGTM: Consistent usage of namespace imports.

The updates to use t.isArrowFunctionExpression, t.isBlockStatement, t.isIfStatement, and t.isReturnStatement align well with the new namespace import pattern for Babel types.

77-77: Ignore suggestion: t.valueToNode handles JSON.parse values

JSON.parse only produces primitives, arrays, nested objects and null—all of which @babel/types’ valueToNode supports. No additional tests are required.

Likely an incorrect or invalid review comment.

@k0d13 k0d13 merged commit 8320101 into main Jul 16, 2025
4 checks passed
@k0d13 k0d13 deleted the chores branch July 17, 2025 19:10
This was referenced Oct 18, 2025
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

apps:browser-extension apps:discord-bot apps:website dependencies Dependency updates!! packages:components packages:hooks

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@k0d13