chore: refresh lockfile — in-range dependency updates (zod, vitest, wrangler, workers-types)#28
Open
klappy wants to merge 2 commits into
Open
chore: refresh lockfile — in-range dependency updates (zod, vitest, wrangler, workers-types)#28klappy wants to merge 2 commits into
klappy wants to merge 2 commits into
Conversation
….7, wrangler 4.107.0, workers-types 4.20260702.1) Session: local_8e124453-f3d9-4276-bcb6-dceedf4b605d Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
aquifer-mcp | 2ce7323 | Commit Preview URL Branch Preview URL |
Jul 07 2026, 03:15 AM |
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Wrangler twenty-two breaks CI
- Bumped the CI workflow's Node version from 20 to 22 to satisfy wrangler 4.107's
engines.node: >=22.0.0requirement sonpm run buildno longer hard-fails.
- Bumped the CI workflow's Node version from 20 to 22 to satisfy wrangler 4.107's
You can send follow-ups to the cloud agent here.
Reviewed by Cursor Bugbot for commit c26b87a. Configure here.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

One thought
Routine maintenance-mode hygiene: pull every dependency to the newest version its declared semver range already allows.
package.jsonis untouched — this is a lockfile-only refresh, so nothing here changes what ranges the repo commits to.What moved
Deliberately not moved:
@modelcontextprotocol/sdkstays at its exact pin 1.26.0 (1.29.0 exists; protocol-surface bumps are a captain call per the stewardship charter draft), andagents0.7.9 is already at its range ceiling (0.17.x is out-of-range).npm audit: 0 vulnerabilities before and after.Verified locally:
npm run buildclean; test suite 183/184 — the one failure is the pre-existingtext-alignorg-categorization failure onmain, fixed by #27. CI here will go green once #27 merges and this branch re-runs (or rebase this on main after #27).One next step
Merge after #27.⚠️ Merge auto-deploys prod (Cloudflare Git integration) — lockfile-only change; wrangler/vitest/workers-types are dev-side, zod is the only runtime dep moved and it's a patch-range bump.
Session:
local_8e124453-f3d9-4276-bcb6-dceedf4b605d🤖 Generated with Claude Code
Note
Low Risk
Lockfile and CI runtime changes only; runtime impact is mainly a patch-range zod bump within existing semver ranges.
Overview
Refreshes
package-lock.jsonso in-range dependencies resolve to newer versions (notably zod 4.4.x, vitest 3.2.7, wrangler 4.107.x, @cloudflare/workers-types), with a large set of transitive updates (esbuild 0.28, miniflare/workerd, AI SDK peers, etc.). The lockfile also records package version 1.6.2.CI now runs on Node 22 instead of 20, matching updated Cloudflare tooling that requires Node ≥22 for wrangler/miniflare-related packages.
No application source changes;
package.jsondependency ranges are unchanged (MCP SDK remains pinned at 1.26.0).Reviewed by Cursor Bugbot for commit 2ce7323. Bugbot is set up for automated code reviews on this repo. Configure here.