Skip to content

chore: refresh lockfile — in-range dependency updates (zod, vitest, wrangler, workers-types)#28

Open
klappy wants to merge 2 commits into
mainfrom
chore/in-range-dep-updates-2026-07-07
Open

chore: refresh lockfile — in-range dependency updates (zod, vitest, wrangler, workers-types)#28
klappy wants to merge 2 commits into
mainfrom
chore/in-range-dep-updates-2026-07-07

Conversation

@klappy

@klappy klappy commented Jul 7, 2026

Copy link
Copy Markdown
Owner

One thought

Routine maintenance-mode hygiene: pull every dependency to the newest version its declared semver range already allows. package.json is untouched — this is a lockfile-only refresh, so nothing here changes what ranges the repo commits to.

What moved

Package From To
zod 4.3.6 4.4.3
vitest 3.2.4 3.2.7
wrangler 4.74.0 4.107.0
@cloudflare/workers-types 4.20260316.1 4.20260702.1

Deliberately not moved: @modelcontextprotocol/sdk stays at its exact pin 1.26.0 (1.29.0 exists; protocol-surface bumps are a captain call per the stewardship charter draft), and agents 0.7.9 is already at its range ceiling (0.17.x is out-of-range). npm audit: 0 vulnerabilities before and after.

Verified locally: npm run build clean; test suite 183/184 — the one failure is the pre-existing text-align org-categorization failure on main, fixed by #27. CI here will go green once #27 merges and this branch re-runs (or rebase this on main after #27).

One next step

Merge after #27. ⚠️ Merge auto-deploys prod (Cloudflare Git integration) — lockfile-only change; wrangler/vitest/workers-types are dev-side, zod is the only runtime dep moved and it's a patch-range bump.

Session: local_8e124453-f3d9-4276-bcb6-dceedf4b605d

🤖 Generated with Claude Code


Note

Low Risk
Lockfile and CI runtime changes only; runtime impact is mainly a patch-range zod bump within existing semver ranges.

Overview
Refreshes package-lock.json so in-range dependencies resolve to newer versions (notably zod 4.4.x, vitest 3.2.7, wrangler 4.107.x, @cloudflare/workers-types), with a large set of transitive updates (esbuild 0.28, miniflare/workerd, AI SDK peers, etc.). The lockfile also records package version 1.6.2.

CI now runs on Node 22 instead of 20, matching updated Cloudflare tooling that requires Node ≥22 for wrangler/miniflare-related packages.

No application source changes; package.json dependency ranges are unchanged (MCP SDK remains pinned at 1.26.0).

Reviewed by Cursor Bugbot for commit 2ce7323. Bugbot is set up for automated code reviews on this repo. Configure here.

….7, wrangler 4.107.0, workers-types 4.20260702.1)

Session: local_8e124453-f3d9-4276-bcb6-dceedf4b605d

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@klappy klappy self-assigned this Jul 7, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 7, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
aquifer-mcp 2ce7323 Commit Preview URL

Branch Preview URL
Jul 07 2026, 03:15 AM

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

Fix All in Cursor

Bugbot Autofix prepared a fix for the issue found in the latest run.

  • ✅ Fixed: Wrangler twenty-two breaks CI
    • Bumped the CI workflow's Node version from 20 to 22 to satisfy wrangler 4.107's engines.node: >=22.0.0 requirement so npm run build no longer hard-fails.

You can send follow-ups to the cloud agent here.

Reviewed by Cursor Bugbot for commit c26b87a. Configure here.

Comment thread package-lock.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants