chore: refresh dependencies within current majors#273
Merged
Conversation
Lockfile refresh (no package.json change, resolved via existing caret ranges): - @emotion/react 11.14.0, @emotion/styled 11.14.1 - @reduxjs/toolkit 2.2.7 → 2.11.2 - moment 2.30.1, react-hot-toast 2.4.1 → 2.6.0 - react-markdown 9.0.3 → 9.1.0, react-remove-scroll 2.7.2 - remark-gfm 4.0.1, @braintree/sanitize-url 6.0.4 - redux 4.2.1 Pin bumps (patch/minor, same major): - @emotion/serialize 1.3.0 → 1.3.3 - dompurify 3.3.2 → 3.4.0 (supersedes snyk PRs #272, #261, #259, #256, #241, #233) - react-redux 7.2.8 → 7.2.9 (supersedes snyk PRs #242, #234, #36) Socket-client pinned at 5.0.0-beta.26 (current beta; latest tag is 4.9.2). Major bumps deferred: @emotion/cache 10→11, react-redux →9, redux →5, react-responsive →10, react-markdown →10, uuid →13, stylis →4, @braintree/sanitize-url →7. Build passes (UMD + ESM). tsc:check error count unchanged (75, pre-existing).
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR refreshes the project’s npm dependencies within existing major versions for Cognigy Webchat v3, primarily by updating resolved versions in package-lock.json and a few pinned dependencies in package.json.
Changes:
- Bumps pinned dependencies in
package.json(@emotion/serialize,dompurify,react-redux). - Refreshes
package-lock.jsonto newer resolved versions permitted by existing semver ranges (plus transitive updates).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| package.json | Updates a small set of pinned dependency versions (patch/minor). |
| package-lock.json | Refreshes resolved dependency graph to newer versions allowed by current semver ranges (includes many transitive updates). |
sushmi21
approved these changes
Apr 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Low-risk dependency refresh — no source code changes, no major version bumps.
Lockfile-only refresh (caret ranges already allowed these)
@emotion/react→ 11.14.0@emotion/styled→ 11.14.1@reduxjs/toolkit2.2.7 → 2.11.2moment→ 2.30.1react-hot-toast2.4.1 → 2.6.0react-markdown9.0.3 → 9.1.0react-remove-scroll→ 2.7.2remark-gfm→ 4.0.1redux→ 4.2.1@braintree/sanitize-url→ 6.0.4Pin bumps (patch/minor only)
@emotion/serialize1.3.0 → 1.3.3dompurify3.3.2 → 3.4.0react-redux7.2.8 → 7.2.9Socket client
Confirmed pinned at
@cognigy/socket-client@5.0.0-beta.26(latest beta; npmlatesttag is still 4.9.2). No change needed.Obsoleted Snyk PRs
This supersedes the following autoupdate PRs — they can be closed after merge:
Deferred (require code review / major bump)
@emotion/cache10→11,react-redux→9,redux→5,react-responsive→10,react-markdown→10,uuid→13,stylis→4,@braintree/sanitize-url→7.Test plan
npm run buildpasses (UMD + ESM)npm run tsc:checkerror count unchanged vs main (75 pre-existing errors)