Skip to content

chore: update production dependencies #1225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Jun 12, 2025
Merged

chore: update production dependencies #1225

merged 7 commits into from
Jun 12, 2025

Conversation

cimigree
Copy link
Contributor

@cimigree cimigree commented Jun 10, 2025
edited
Loading

close #1218

Monthly Production Dependency Upgrade

This PR updates production dependencies as part of our regular maintenance process using npm run upgrade-deps:production, depcheck, and expo-doctor.

Updated Packages

Package From To
@expo-google-fonts/rubik 0.2.3 0.4.1
@gorhom/bottom-sheet 5.1.2 5.1.6
@react-navigation/bottom-tabs 7.3.10 7.3.14
@react-navigation/native 7.1.6 7.1.10
@react-navigation/stack 7.2.10 7.3.3
@tanstack/react-query 5.74.4 5.80.6
expo-build-properties 0.13.2 0.13.3
react-hook-form 7.56.0 7.57.0
react-native-confirmation-code-field 7.4.0 8.0.1
react-native-safe-area-context 5.4.0 5.4.1
react-native-screens 4.10.0 4.11.1
react-native-share 12.0.9 12.0.11
react-native-svg 15.11.2 15.12.0
valibot 1.0.0 1.1.0
zustand 5.0.3 5.0.5

Skipped Packages

Package Reason for Skipping
@rnmapbox/maps Known crash issue on Android when New Architecture is disabled that Andrew reported (rnmapbox/maps#3796)
react-native-mmkv v3 is a breaking change; staying on v2.12.2 for now
expo-* & react-native Managed by Expo SDK; intentionally pinned to SDK 52 compatibility
@sentry/react-native Skipped upgrading beyond 6.10.0 to avoid introducing potential breaking changes until fully validated by expo

Removed Packages

These were identified as unused by depcheck and confirmed via manual review:

Package Reason
expo-status-bar Not used anywhere in the codebase
react-native-android-open-settings Not imported or referenced
react-native-linear-gradient Not used in components or styles
assert Not used anywhere
debug Took it out of direct usage but it is a subdependency

Compatibility Checks (expo-doctor)

  • Ran npx expo-doctor and reviewed 2 warnings:

Validate Packages Metadata

Package Warning Action Taken
react-native-restart Untested on New Architecture App does not use New Architecture; safe to ignore
react-native-indicators Marked as unmaintained Retained; still works reliably
Multiple internal deps (@comapeo/*, valibot, etc.) No metadata in RN Directory Safe to ignore — internal or utility packages

Version Mismatches with SDK, all downgrades

Package Installed Expected Action
@react-native-picker/picker 2.11.0 2.9.0 Kept newer version — no regressions observed
react-native-gesture-handler 2.25.0 ~2.20.2 No issues observed — skipped
react-native-safe-area-context 5.4.1 4.12.0 Works fine — skipped
react-native-screens 4.11.1 ~4.4.0 Retained newer version
react-native-svg 15.12.0 15.8.0 Newer version working fine

Some fixes needed based on package changes

  • Updated InputPasscode to fix type errors.
  • Adjusted usage of isLastFilledCell in PasscodeInput to match the updated function signature.
  • Had to add a patch to react-native-confirmation-code-field so that the masking of the passcode would work.
  • Updated @expo-google-fonts/rubik to 0.4.1 and fixed font paths in app.json to reflect new file structure requirements.

Manual QA

  • Creating and editing Tracks and Observations (used 100 test data plus manually done)
  • Recording audio and updated permissions
  • Using the passcode
  • Updating config file
  • Exchanging data between devices via sharing and sync
  • Switching languages
  • Connecting and syncing with a remote server
  • General navigation and edge case testing across the app

@cimigree cimigree requested a review from achou11 June 11, 2025 16:44
achou11
achou11 previously approved these changes Jun 11, 2025
View reviewed changes
Copy link
Member

@achou11 achou11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super helpful summary! Really appreciate having it as a reference. Good to see the removal of a couple unused deps.

Provided a couple of non-blocking suggestions, but otherwise liking how this looks 👍

@achou11 achou11 self-requested a review June 11, 2025 21:11
@achou11 achou11 dismissed their stale review June 11, 2025 21:11

found out about a removed dep that shouldn't be removed

achou11
achou11 requested changes Jun 11, 2025
View reviewed changes
Copy link
Member

@achou11 achou11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry, I think the buffer module needs to be restored unfortunately. other than that, my previous review still stands 😄

cimigree added 2 commits June 11, 2025 18:18
@cimigree
Removes unused dependency debug. Adds back dependency buffer. Fixes p…
8dc9666 
…asscode input typing. Patches the passcode masking because it was not working.
@cimigree
Tries to add back assert.
0060852
@cimigree
Copy link
Contributor Author

@achou11, So it looks like assert was also required as a dependency, here in particular: babel.config.js
Also, adding that back fixed the issue with the lockfile test failing.
Also, FYI, debug is a subdependency of many, many, many other dependencies, so it is not truly removed, just removed as one of our prod dependencies.

@cimigree cimigree requested a review from achou11 June 12, 2025 13:42
@achou11
Copy link
Member

achou11 commented Jun 12, 2025

@achou11, So it looks like assert was also required as a dependency, here in particular: babel.config.js Also, adding that back fixed the issue with the lockfile test failing.

I'm surprised about the assert being needed. the one used in babel.config.js can and ideally should reference the built-in Node assert module. maybe update that file to import from node:assert explicitly to avoid that confusion, and see if removing the assert module is okay?

Also, FYI, debug is a subdependency of many, many, many other dependencies, so it is not truly removed, just removed as one of our prod dependencies.

Yes I'm aware - this is fine + intended

achou11
achou11 approved these changes Jun 12, 2025
View reviewed changes
Copy link
Member

@achou11 achou11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My note on the assert question is not blocking - just me being particular about shaving deps if possible 😄 doesn't have any runtime consequences from what I can tell.

patches/README.md Outdated

Fixes a bug in the `MaskSymbol` component where the mask (`*`) briefly un-hides when typing quickly. This patch sets the `visibleFlag` to `false` immediately, preventing the undesired flicker.

See: [Reviewer context](https://github.com/recruiters/github/blob/master/README.md).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wrong URL?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ugh. I meant to put in this PR as the link. Fixing.

@awana-lockfile-bot
Copy link

package-lock.json changes

Summary

Status Count
ADDED 1
UPDATED 22
REMOVED 18
Click to toggle table visibility
Name Status Previous Current
@expo-google-fonts/rubik UPDATED 0.2.3 0.4.1
@gorhom/bottom-sheet UPDATED 5.1.2 5.1.6
@react-navigation/bottom-tabs UPDATED 7.3.10 7.3.14
@react-navigation/core UPDATED 7.8.5 7.10.0
@react-navigation/elements UPDATED 2.3.8 2.4.3
@react-navigation/native UPDATED 7.1.6 7.1.10
@react-navigation/routers UPDATED 7.3.5 7.4.0
@react-navigation/stack UPDATED 7.2.10 7.3.3
@tanstack/query-core UPDATED 5.74.4 5.80.6
@tanstack/react-query UPDATED 5.74.4 5.80.6
assert REMOVED 2.1.0 -
available-typed-arrays REMOVED 1.0.7 -
debug UPDATED 4.4.0 4.4.1
expo-build-properties UPDATED 0.13.2 0.13.3
expo-status-bar REMOVED 2.0.1 -
for-each REMOVED 0.3.5 -
glob UPDATED 10.3.15 10.4.5
is-arguments REMOVED 1.2.0 -
is-callable REMOVED 1.2.7 -
is-generator-function REMOVED 1.1.0 -
is-nan REMOVED 1.3.2 -
is-regex REMOVED 1.2.1 -
is-typed-array REMOVED 1.1.15 -
jackspeak UPDATED 2.3.6 3.4.3
object-is REMOVED 1.1.6 -
object.assign REMOVED 4.1.7 -
possible-typed-array-names REMOVED 1.1.0 -
react-hook-form UPDATED 7.56.0 7.57.0
react-native-android-open-settings REMOVED 1.3.0 -
react-native-confirmation-code-field UPDATED 7.4.0 8.0.1
react-native-is-edge-to-edge ADDED - 1.1.7
react-native-linear-gradient REMOVED 2.8.3 -
react-native-safe-area-context UPDATED 5.4.0 5.4.1
react-native-screens UPDATED 4.10.0 4.11.1
react-native-share UPDATED 12.0.9 12.0.11
react-native-svg UPDATED 15.11.2 15.12.0
safe-regex-test REMOVED 1.1.0 -
util REMOVED 0.12.5 -
valibot UPDATED 1.0.0 1.1.0
which-typed-array REMOVED 1.1.19 -
zustand UPDATED 5.0.3 5.0.5

@cimigree
Copy link
Contributor Author

@achou11 Ok I removed assert and changes the Readme and import in the babel file. Any idea why the lockfile test failed that time?

@achou11
Copy link
Member

achou11 commented Jun 12, 2025

@achou11 Ok I removed assert and changes the Readme and import in the babel file. Any idea why the lockfile test failed that time?

have no idea. the Not Found error that's there is a bit vague 🤷

@cimigree cimigree merged commit 8410692 into develop Jun 12, 2025
9 checks passed
@cimigree cimigree deleted the chore/update-prod-deps branch June 12, 2025 15:38
ErikSin pushed a commit that referenced this pull request Jun 24, 2025
@cimigree @ErikSin
chore: update production dependencies (#1225)
cad5e5e 
* Upgrades to production dependencies. Fixes some things related to passcode input.

* Removes assert.

* Updates google font.

* Removes unused dependency debug. Patches the passcode masking because it was not working.
ErikSin added a commit that referenced this pull request Jun 24, 2025
@ErikSin @cimigree @achou11
chore: cherry pick audio/remove leave project/obsevation metadata cut…
fff1e44 
… off (#1252)

* chore: update production dependencies (#1225)

* Upgrades to production dependencies. Fixes some things related to passcode input.

* Removes assert.

* Updates google font.

* Removes unused dependency debug. Patches the passcode masking because it was not working.

* feat: update @comapeo/core to 4.0.0 (#1231)

* chore: audio improvements (#1212)

* Audio refactor.
* Changes screen name. Adds navigation from observation before it is saved.
* Deletes unused audio files.
* Makes thumbnails. Makes saved attachment player.
* Consolidates styles, adjusts date on thumbnail. 
* Updates the audio tests.
* Updates to new button component
* Adds changes based on PR comments.
* Moves audio permission into the audio component. Consolidates to one loading state not related to audio file logic.
* Uses the new audio created at field for the UI for thumbnails and playback screen.
* Removes unused reset method.

* fix: remove leave project (#1239)

* Removes the leave project screen and button.

* fix: observation metadata no longer cut off (#1240)

* Adjusts the observation metadata screen so that it is in a scrollview.
* Tweaks to styling so it fits on small screens better.

---------

Co-authored-by: cimigree <[email protected]>
Co-authored-by: Andrew Chou <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@achou11 achou11 achou11 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update Production Dependencies
2 participants
@cimigree @achou11