Skip to content

Update deps #522

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ryanbas21 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Update deps #522

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dbaa265
chore: updates-dependencies
ryanbas21 Jan 14, 2026
5284f83
chore: another-dependency-upgrade
ryanbas21 Jan 14, 2026
2ae02ac
chore: express-5-fixes
ryanbas21 Jan 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions e2e/am-mock-api/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@
"main": "./index.js",
"dependencies": {
"@types/express": "^4.17.17",
"body-parser": "^2.2.0",
"body-parser": "^2.2.2",
"cookie-parser": "^1.4.7",
"cors": "^2.8.5",
"express": "^4.21.2",
"express": "^5.2.1",
Comment on lines 11 to +15
Copy link

@coderabbitai coderabbitai bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

Express 5.0 TypeScript types @types/express compatibility

💡 Result:

Short answer: Use the @types/express v5.x types (from DefinitelyTyped). They are published and intended to match Express 5; install express@5 (or express@next) and @types/express@^5 (and the related @types packages such as @types/express-serve-static-core, @types/body-parser) to get compatible TypeScript definitions. [1][2][4]

Notes / gotchas:

  • @types/express v5 is maintained on DefinitelyTyped and has multiple 5.x releases — pick a 5.x tag that matches your setup (npm shows current 5.x releases). [1][2][7]
  • Some handler signatures changed/are stricter (you may see TS errors for middleware/error-handler overloads); follow the Express v4→v5 migration discussion and update your handler types accordingly. [6][3]
  • Ensure all related @types packages (express-serve-static-core, body-parser, serve-static, qs) are compatible versions. The @types/express package depends on those. [1][5]

Example install:
npm install express@5 @types/express --save
(or npm install express@next && npm i -D @types/express)

Sources:
[1] @types/express (npm package info, 5.x).
[2] @types/express (npm v5.0.3 page).
[3] TypeScript + Express setup / guidance (tutorial).
[4] @types/express npm listing (overview).
[5] @types/express release details (versions).
[6] Express v4 -> v5 Migration discussion (expressjs/express issue).

🏁 Script executed:

# Check npm registry for `@types/express` version availability
npm search `@types/express` --json 2>/dev/null | jq '.[] | {name, version: .version}' | head -20

Repository: ForgeRock/ping-javascript-sdk

Length of output: 202

Update @types/express to v5.x for Express 5 compatibility.

@types/express at ^4.17.17 is incompatible with Express 5.x. Express 5 has significant API changes, and the v4 types will cause type errors and mask breaking changes.

Update to @types/express@^5.0.0. Additionally, ensure related @types packages (@types/express-serve-static-core, @types/body-parser, @types/serve-static) are also compatible v5.x versions. Note that some Express 5 handler signatures are stricter and may require code updates.

Proposed fix 
-    "@types/express": "^4.17.17",
+    "@types/express": "^5.0.0",
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"@types/express": "^4.17.17",
"body-parser": "^2.2.0",
"body-parser": "^2.2.2",
"cookie-parser": "^1.4.7",
"cors": "^2.8.5",
"express": "^4.21.2",
"express": "^5.2.1",
"@types/express": "^5.0.0",
"body-parser": "^2.2.2",
"cookie-parser": "^1.4.7",
"cors": "^2.8.5",
"express": "^5.2.1",
🤖 Prompt for AI Agents 
In `@e2e/am-mock-api/package.json` around lines 11 - 15, Update the type packages
to be compatible with Express 5: replace the dependency version string for
"@types/express" from "^4.17.17" to "^5.0.0" and add or bump related type
packages "@types/express-serve-static-core", "@types/body-parser", and
"@types/serve-static" to their v5-compatible versions (e.g., "^5.0.0") in
package.json; after updating, run install and compile to surface stricter
handler signature errors and then update any Express handler types/usages in
your codebase to match the Express 5 handler signatures referenced by the new
"@types/*" packages.

"superagent": "^10.2.3",
"uuid": "^13.0.0"
}
Expand Down
4 changes: 2 additions & 2 deletions e2e/am-mock-api/src/app/routes.resource.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ async function authorization(req, res, next) {

export default function (app) {
// Passthrough route that enforces authentication
app.all('/resource/*', async (req, res, next) => {
app.all('/resource/{*splat}', async (req, res, next) => {
if (env.NODE_ENV === 'LIVE' && req.hostname === FORGEOPS) {
// Only enforce authentication if IG is not used
// In other words, the call comes directly from app
Expand Down Expand Up @@ -156,7 +156,7 @@ export default function (app) {
}
});

app.get('/resource/rest/*', wait, authorization, async (req, res) => {
app.get('/resource/rest/{*splat}', wait, authorization, async (req, res) => {
if (env.NODE_ENV === 'live') {
if (req.access.actions && req.access.actions.GET) {
res.json({ message: 'Successfully retrieved resource!' });
Expand Down
9 changes: 0 additions & 9 deletions e2e/davinci-app/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,6 @@
"skipLibCheck": true
},
"references": [
{
"path": "../../packages/sdk-effects/logger"
},
{
"path": "../../packages/protect"
},
{
"path": "../../packages/davinci-client"
},
{
"path": "./tsconfig.app.json"
},
Expand Down
3 changes: 0 additions & 3 deletions e2e/device-client-app/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../../packages/device-client"
},
{
"path": "./tsconfig.app.json"
}
Expand Down
12 changes: 0 additions & 12 deletions e2e/journey-app/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,18 +14,6 @@
"skipLibCheck": true
},
"references": [
{
"path": "../../packages/sdk-effects/logger"
},
{
"path": "../../packages/oidc-client"
},
{
"path": "../../packages/protect"
},
{
"path": "../../packages/journey-client"
},
{
"path": "./tsconfig.app.json"
},
Expand Down
3 changes: 0 additions & 3 deletions e2e/oidc-app/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../../packages/oidc-client"
},
{
"path": "./tsconfig.app.json"
}
Expand Down
3 changes: 0 additions & 3 deletions e2e/protect-app/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,6 @@
"skipLibCheck": true
},
"references": [
{
"path": "../../packages/protect"
},
{
"path": "./tsconfig.app.json"
},
Expand Down
8 changes: 7 additions & 1 deletion nx.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,6 @@
"buildTargetName": "nxBuild",
"serveTargetName": "nxServe",
"previewTargetName": "nxPreview",
"testTargetName": "nxTest",
"serveStaticTargetName": "serve-static",
"typecheckTargetName": "typecheck",
"buildDepsTargetName": "vite:build-deps",
Expand All @@ -146,6 +145,13 @@
"configName": "tsconfig.lib.json"
}
}
},
{
"plugin": "@nx/vitest",
"options": {
"testTargetName": "nxTest"
},
"include": ["packages/**/**/*", "e2e/**/**/*", "tools/**/**/*"]
}
],
"parallel": 1,
Expand Down
36 changes: 19 additions & 17 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,17 +58,18 @@
"@effect/cli": "catalog:effect",
"@eslint/eslintrc": "^3.0.0",
"@eslint/js": "~9.39.0",
"@nx/devkit": "21.2.3",
"@nx/eslint": "21.2.3",
"@nx/eslint-plugin": "21.2.3",
"@nx/express": "21.2.3",
"@nx/jest": "21.2.3",
"@nx/js": "21.2.3",
"@nx/playwright": "21.2.3",
"@nx/plugin": "21.2.3",
"@nx/vite": "21.2.3",
"@nx/web": "21.2.3",
"@nx/workspace": "21.2.3",
"@nx/devkit": "22.3.3",
"@nx/eslint": "22.3.3",
"@nx/eslint-plugin": "22.3.3",
"@nx/express": "22.3.3",
"@nx/jest": "22.3.3",
"@nx/js": "22.3.3",
"@nx/playwright": "22.3.3",
"@nx/plugin": "22.3.3",
"@nx/vite": "22.3.3",
"@nx/vitest": "22.3.3",
"@nx/web": "22.3.3",
"@nx/workspace": "22.3.3",
"@playwright/test": "^1.47.2",
"@swc-node/register": "1.10.10",
"@swc/cli": "0.6.0",
Expand All @@ -82,8 +83,8 @@
"@typescript-eslint/parser": "^8.45.0",
"@typescript-eslint/typescript-estree": "8.23.0",
"@typescript-eslint/utils": "^8.13.0",
"@vitest/coverage-v8": "^3.0.5",
"@vitest/ui": "3.0.4",
"@vitest/coverage-v8": "4.0.9",
"@vitest/ui": "4.0.9",
"conventional-changelog-conventionalcommits": "^8.0.0",
"cz-conventional-changelog": "^3.3.0",
"cz-git": "^1.6.1",
Expand All @@ -100,7 +101,7 @@
"jsonc-eslint-parser": "^2.1.0",
"lint-staged": "^15.0.0",
"madge": "8.0.0",
"nx": "21.2.3",
"nx": "22.3.3",
"pkg-pr-new": "^0.0.60",
"playwright": "^1.47.2",
"prettier": "^3.2.5",
Expand All @@ -112,10 +113,10 @@
"typedoc": "^0.27.4",
"typedoc-github-theme": "0.2.1",
"typedoc-plugin-rename-defaults": "^0.7.2",
"typescript": "5.8.3",
"typescript": "5.9.3",
"typescript-eslint": "^8.19.0",
"verdaccio": "6.2.1",
"vite": "6.4.1",
"vite": "catalog:vite",
"vitest": "catalog:vitest",
"vitest-canvas-mock": "^0.3.3"
Copy link

@coderabbitai coderabbitai bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Fix vitest-canvas-mock version mismatch blocking CI.

The pipeline failure indicates: "Dependency specifiers do not match the lockfile: vitest-canvas-mock (^0.3.3) vs lockfile (^1.1.3)."

Update the version to match the lockfile or regenerate the lockfile to resolve the CI failure.

Proposed fix (if lockfile version is correct) 
-    "vitest-canvas-mock": "^0.3.3"
+    "vitest-canvas-mock": "^1.1.3"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"vitest-canvas-mock": "^0.3.3"
"vitest-canvas-mock": "^1.1.3"
🤖 Prompt for AI Agents 
In `@package.json` at line 121, The package.json dependency for vitest-canvas-mock
currently (^0.3.3) conflicts with the lockfile (^1.1.3), blocking CI; fix by
either updating the package.json entry for "vitest-canvas-mock" to the lockfile
version (^1.1.3) so they match, or regenerate the lockfile by running your
package manager install (npm/yarn/pnpm) and committing the updated lockfile so
package.json and the lockfile are consistent.

},
Expand All @@ -126,5 +127,6 @@
},
"nx": {
"includedScripts": []
}
},
"dependencies": {}
}
9 changes: 5 additions & 4 deletions packages/journey-client/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,14 @@
"@forgerock/storage": "workspace:*",
"@reduxjs/toolkit": "catalog:",
"tslib": "^2.3.0",
"vite": "6.4.1",
"vite": "catalog:vite",
"vitest-canvas-mock": "^0.3.3"
Comment on lines +32 to 33
Copy link

@coderabbitai coderabbitai bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Remove dev/test tools from production dependencies – this is causing the pipeline failure.

vite and vitest-canvas-mock are build/test utilities that belong exclusively in devDependencies. Currently:

  • vitest-canvas-mock appears in both dependencies (^0.3.3) and devDependencies (^1.1.3), causing the lockfile mismatch error.
  • vite is duplicated in both sections.

The pipeline failure vitest-canvas-mock (^0.3.3) vs lockfile (^1.1.3) is due to line 33 not being updated/removed.

🔧 Proposed fix 
   "dependencies": {
     "@forgerock/sdk-logger": "workspace:*",
     "@forgerock/sdk-request-middleware": "workspace:*",
     "@forgerock/sdk-types": "workspace:*",
     "@forgerock/sdk-utilities": "workspace:*",
     "@forgerock/storage": "workspace:*",
     "@reduxjs/toolkit": "catalog:",
-    "tslib": "^2.3.0",
-    "vite": "catalog:vite",
-    "vitest-canvas-mock": "^0.3.3"
+    "tslib": "^2.3.0"
   },
🤖 Prompt for AI Agents 
In `@packages/journey-client/package.json` around lines 32 - 33, Remove build/test
tools from production dependencies: delete the "vite" and the
"vitest-canvas-mock" entries from the top-level "dependencies" block in
package.json so they only live in "devDependencies" (ensuring
"vitest-canvas-mock" is kept at the ^1.1.3 version under devDependencies). After
removing those keys, run your package manager to update the lockfile so the
dependency versions match the lockfile (resolving the ^0.3.3 vs ^1.1.3
mismatch).

},
"devDependencies": {
"@vitest/coverage-v8": "^1.2.0",
"vite": "6.4.1",
"vitest": "^1.2.0"
"@vitest/coverage-v8": "^4.0.9",
"vite": "catalog:vite",
"vitest": "catalog:vitest",
"vitest-canvas-mock": "^1.1.3"
},
"nx": {
"tags": ["scope:package"],
Expand Down
7 changes: 5 additions & 2 deletions packages/journey-client/src/lib/device/device-profile.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
import { vi, expect, describe, it, afterEach, beforeEach, SpyInstance } from 'vitest';
import { vi, expect, describe, it, afterEach, beforeEach, Mock } from 'vitest';

import { Device } from './device-profile.js';

Expand Down Expand Up @@ -86,7 +86,10 @@ describe('Test DeviceProfile', () => {
});

describe('logLevel tests', () => {
let warnSpy: SpyInstance;
let warnSpy: Mock<{
(...data: unknown[]): void;
(message?: string, ...optionalParams: unknown[]): void;
}>;
const originalNavigator = global.navigator;

beforeEach(() => {
Expand Down
15 changes: 0 additions & 15 deletions packages/journey-client/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,21 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../sdk-effects/storage"
},
{
"path": "../sdk-utilities"
},
{
"path": "../sdk-types"
},
{
"path": "../sdk-effects/sdk-request-middleware"
},
{
"path": "../sdk-effects/logger"
},
{
"path": "./tsconfig.lib.json"
},
Expand Down
18 changes: 0 additions & 18 deletions packages/oidc-client/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,24 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../sdk-effects/storage"
},
{
"path": "../sdk-types"
},
{
"path": "../sdk-effects/sdk-request-middleware"
},
{
"path": "../sdk-effects/oidc"
},
{
"path": "../sdk-effects/logger"
},
{
"path": "../sdk-effects/iframe-manager"
},
{
"path": "./tsconfig.lib.json"
},
Expand Down
6 changes: 0 additions & 6 deletions packages/sdk-effects/oidc/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../../sdk-utilities"
},
{
"path": "../../sdk-types"
},
{
"path": "./tsconfig.lib.json"
},
Expand Down
3 changes: 0 additions & 3 deletions packages/sdk-effects/storage/tsconfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,6 @@
"files": [],
"include": [],
"references": [
{
"path": "../../sdk-types"
},
{
"path": "./tsconfig.lib.json"
},
Expand Down
Loading
Loading