Bump the npm_and_yarn group across 1 directory with 3 updates#6
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 3 updates#6dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 3 updates in the / directory: [next](https://github.com/vercel/next.js), [hono](https://github.com/honojs/hono) and [ip-address](https://github.com/beaugunderson/ip-address). Updates `next` from 16.2.1 to 16.2.3 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.1...v16.2.3) Updates `hono` from 4.12.12 to 4.12.18 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.12...v4.12.18) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](https://github.com/beaugunderson/ip-address/commits) --- updated-dependencies: - dependency-name: next dependency-version: 16.2.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: hono dependency-version: 4.12.18 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Deploying with
|
| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ❌ Deployment failed View logs |
racs | aa5cf68 | May 07 2026, 03:22 AM |
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF ScorecardScorecard details
Scanned Files
|
Up to standards ✅🟢 Issues
|
| Metric | Results |
|---|---|
| Complexity | 0 |
| Duplication | 0 |
NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.
 |
|
Overall Grade |
Security Reliability Complexity Hygiene |
Code Review Summary
| Analyzer | Status | Updated (UTC) | Details |
|---|---|---|---|
| JavaScript |  |
May 7, 2026 3:22a.m. | Review ↗ |
| Secrets | |
May 7, 2026 3:22a.m. | Review ↗ |
Important
AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.
![codethreat-appsec[bot]](https://avatars.githubusercontent.com/in/1631929?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary
This PR upgrades the Next.js runtime from 16.2.1 to 16.2.3 and introduces a new RACS dashboard UI that integrates with Supabase to display and create cheat reports.
Features
- Dashboard page (
src/app/page.js) that:- Fetches reports from the
reportsSupabase table and displays them as cards with search and basic analytics (today/week/month/year counts and deltas). - Shows a detailed incident view in a modal-like overlay using Framer Motion when a report is selected.
- Provides a fullscreen “Analytics” placeholder view for future charting.
- Allows authenticated users (via Supabase GitHub OAuth) to add new reports through a dialog form.
- Fetches reports from the
- UI component library additions:
Card,Button,Badge,Input,Textarea, andDialogcomponents with Tailwind-based styling and Radix UI primitives.
- Root layout (
src/app/layout.js) that wires up global fonts (Geist) and base HTML/body structure.
Bug Fixes
- None explicitly targeted; changes are additive and structural.
Breaking Changes
- None identified in the provided code. The Next.js upgrade is a patch-level bump (16.2.1 → 16.2.3) and the new components/pages are additive.
Architecture Diagram
sequenceDiagram
participant Browser as Browser (User)
participant NextApp as Next.js App Router
participant Dashboard as Dashboard Page (app/page.js)
participant Supabase as Supabase Backend
Browser->>NextApp: Request /
NextApp-->>Browser: Serve layout (layout.js) + dashboard shell
Browser->>Dashboard: Mount Dashboard component
Dashboard->>Supabase: auth.getUser()
Supabase-->>Dashboard: User (or null)
Dashboard->>Supabase: from("reports").select().order(...)
Supabase-->>Dashboard: Reports list
Dashboard-->>Browser: Render metrics, search, report cards
Browser->>Dashboard: Click "Add report" (authenticated)
Dashboard-->>Browser: Open Dialog (form)
Browser->>Dashboard: Submit form
Dashboard->>Supabase: from("reports").insert(payload)
Supabase-->>Dashboard: Insert result
Dashboard->>Supabase: Re-fetch reports
Supabase-->>Dashboard: Updated reports
Dashboard-->>Browser: Updated list and metrics
There was a problem hiding this comment.
Summary
Updates the dashboard to a styled, interactive Next.js 16.2.3 app with a Supabase-backed “cheater reports” dashboard UI, including reusable UI primitives (buttons, cards, dialogs, inputs) and a main dashboard page for viewing and adding reports.
Features
-
Dashboard layout and theming
src/app/layout.jssets up the root HTML structure, global fonts (Geist, Geist_Mono), and base body layout.src/app/page.jsimplements a client-side dashboard using the App Router, with a sticky header, metrics, search, and responsive layout.
-
Supabase-backed reports dashboard
- Fetches
reportsfrom Supabase (supabase.from("reports")) ordered byreported_dateandcreated_at. - Displays key metrics (today/week/month/year counts and deltas) computed from
reported_date. - Provides search across
username,game,status, andnotes. - Shows a list of report cards with status badges, notes preview, and “video attached” indicator.
- Fetches
-
Report detail and analytics views
- Clicking a report opens a modal-style detail view with full notes, status, and video URL.
- “Analytics” button opens a full-screen analytics placeholder view for future charting.
-
Add-report flow with authentication
- Uses Supabase auth (
supabase.auth.getUser,signInWithOAuth,signOut) to gate report creation. - “Add report” opens a dialog with a form for username, game, date/time, status, video URL, and notes.
- Submits a new row to the
reportstable withcreated_byset to the authenticated user’s id.
- Uses Supabase auth (
-
Reusable UI components
Button,Badge,Card,Input,Textarea, andDialogcomponents built with Tailwind,class-variance-authority, and Radix primitives.- Shared
cnutility (src/lib/utils.js) for class merging viaclsxandtailwind-merge.
-
Tooling and analysis
- Adds
sonar-project.propertiesfor SonarCloud configuration. - Bumps
nextdependency from16.2.1to16.2.3and aligns lockfile and SWC binaries.
- Adds
Bug Fixes
- None explicitly targeted; this PR is primarily new implementation and dependency alignment.
Breaking Changes
- None identified in the provided code. Existing behavior is replaced by the new dashboard implementation, but there are no public API or route renames within the shown files.
Architecture Diagram
sequenceDiagram
participant Browser as Browser (Dashboard UI)
participant Next as Next.js App (App Router)
participant Supabase as Supabase Backend
Browser->>Next: Request / (Dashboard)
Next-->>Browser: Render Dashboard (layout.js + page.js)
Note over Browser,Next: Initial load
Browser->>Supabase: auth.getUser()
Supabase-->>Browser: { user | null }
Browser->>Supabase: from("reports").select().order(...)
Supabase-->>Browser: [reports]
Note over Browser: useEffect: getUser() + fetchReports()
Browser->>Browser: useMemo(stats) from reports
Browser->>Browser: Filter reports by search query
Note over Browser: User interactions
Browser->>Supabase: auth.signInWithOAuth("github") (Login)
Supabase-->>Browser: Redirect / session
Browser->>Supabase: from("reports").insert(payload) (Add report)
Supabase-->>Browser: Insert result
Browser->>Supabase: from("reports").select() (Refresh list)
Supabase-->>Browser: [updated reports]
Browser->>Browser: Open/close detail modal & analytics overlay
Browser->>Browser: Open/close add-report dialog (Radix Dialog + Button/Input/Textarea)
There was a problem hiding this comment.
Summary
This PR upgrades the Next.js runtime to 16.2.3 and introduces a new RACS dashboard UI built with the App Router, Supabase, and a small design system of reusable UI components.
Features
- Dashboard page (
src/app/page.js) that:- Authenticates users via Supabase GitHub OAuth.
- Fetches
reportsfrom Supabase, computes daily/weekly/monthly/yearly stats, and displays them as metric cards. - Provides search over username, game, status, and notes.
- Shows a detailed incident view in a modal for a selected report.
- Includes a fullscreen “Analytics” placeholder view.
- Allows authenticated users to add new reports via a dialog form, persisting to the
reportstable.
- Layout setup (
src/app/layout.js) with Geist fonts and global structure for the App Router. - UI component library under
src/components/ui:Button,Badge,Card,Input,Textarea, andDialogabstractions with consistent Tailwind-based styling and variants.
- Utility function
cn(src/lib/utils.js) to merge class names usingclsxandtailwind-merge. - SonarCloud project configuration (
sonar-project.properties) for static analysis.
Bug Fixes
- None explicitly targeted; changes are additive and structural.
Breaking Changes
- None identified in the provided code. The Next.js bump from 16.2.1 to 16.2.3 is a patch-level upgrade and the app uses only public, compatible APIs (
appdirectory,next/font/google, standard React hooks).
Architecture Diagram
sequenceDiagram
participant Browser as Browser (User)
participant NextApp as Next.js App (App Router)
participant Supabase as Supabase Backend
participant UI as UI Components (Button/Card/Dialog/etc.)
Browser->>NextApp: Request / (Dashboard)
NextApp->>Supabase: supabase.auth.getUser()
Supabase-->>NextApp: User (or null)
NextApp->>Supabase: SELECT * FROM reports ORDER BY reported_date, created_at
Supabase-->>NextApp: Reports[]
NextApp->>UI: Render metrics, list, dialogs with props
UI-->>Browser: Interactive dashboard (cards, modals, forms)
Browser->>NextApp: Click "Login"
NextApp->>Supabase: auth.signInWithOAuth(provider="github")
Browser->>NextApp: Submit "Add report" form
NextApp->>Supabase: INSERT INTO reports (payload)
Supabase-->>NextApp: Insert result
NextApp->>Supabase: Re-fetch reports
Supabase-->>NextApp: Updated Reports[]
NextApp->>UI: Re-render dashboard with new data
There was a problem hiding this comment.
Summary
Updates the dashboard to use a richer UI component set (buttons, badges, cards, dialogs, inputs, textareas) and implements a client-side RACS dashboard page backed by Supabase, while bumping Next.js to 16.2.3.
Features
- Adds reusable UI primitives:
Button,Badge,Card,Dialog,Input, andTextareacomponents built on Tailwind,class-variance-authority, and Radix primitives.
- Implements the main RACS dashboard page (
src/app/page.js):- Fetches
reportsfrom Supabase and displays them as cards with search and summary metrics (today/week/month/year). - Shows detailed report information in an animated overlay when a report is selected.
- Provides a fullscreen “Analytics” placeholder view for future charting.
- Adds an “Add report” dialog with a form to create new reports, including username, game, status, date/time, video URL, and notes.
- Integrates GitHub OAuth login/logout via Supabase and associates new reports with the authenticated user.
- Fetches
- Configures global layout (
src/app/layout.js) with Geist fonts and base page structure.
Bug Fixes
- None explicitly targeted; changes are additive and structural.
Breaking Changes
- None identified in the provided code. Existing routes and components remain compatible, and the Next.js version bump is a patch-level update (16.2.1 → 16.2.3) with no incompatible usage in the current code.
Architecture Diagram
sequenceDiagram
participant Browser as Browser (Dashboard UI)
participant NextApp as Next.js App Router
participant Supabase as Supabase Client
participant DB as Supabase DB (reports)
Browser->>NextApp: Load / (Dashboard)
NextApp-->>Browser: Render Dashboard (React, UI components)
Browser->>Supabase: supabase.auth.getUser()
Supabase-->>Browser: Authenticated user (or null)
Browser->>Supabase: from("reports").select().order(...)
Supabase->>DB: Query reports
DB-->>Supabase: Report rows
Supabase-->>Browser: Reports data
Browser-->>Browser: Compute stats & render cards
Browser->>Supabase: auth.signInWithOAuth({ provider: "github" })
Supabase-->>Browser: Redirect to GitHub OAuth (handled externally)
Browser->>Supabase: from("reports").insert(payload)
Supabase->>DB: Insert new report
DB-->>Supabase: Insert result
Supabase-->>Browser: Success
Browser->>Supabase: Re-fetch reports
Supabase->>DB: Query updated reports
DB-->>Supabase: Updated rows
Supabase-->>Browser: Updated reports
There was a problem hiding this comment.
Summary
Updates the dashboard UI to use a new shadcn-style component set (buttons, cards, badges, inputs, dialogs, textareas) and implements a Supabase-backed “RACS” anti-cheat dashboard with reporting, search, and basic analytics. Also bumps Next.js from 16.2.1 to 16.2.3 and aligns lockfile dependencies.
Features
- RACS Dashboard page (
src/app/page.js)- Implements a client-side dashboard (
Dashboard) that:- Authenticates via Supabase GitHub OAuth (
supabase.auth.signInWithOAuth,signOut,getUser). - Fetches reports from the
reportstable, ordered byreported_dateandcreated_at. - Displays key metrics (today/week/month/year counts and diffs) computed from
reported_date. - Provides a searchable list of reports (search across username, game, status, notes).
- Shows a detailed modal for a selected report (status, video URL, notes).
- Includes a fullscreen “Analytics” placeholder view.
- Allows authenticated users to add new reports via a dialog form (username, game, status, date/time, video URL, notes).
- Authenticates via Supabase GitHub OAuth (
- Implements a client-side dashboard (
- UI Component Library
- Button (
src/components/ui/button.jsx)- Adds a variant/size-based button using
class-variance-authorityandcn, with support forasChildviaradix-uiSlot.
- Adds a variant/size-based button using
- Badge (
src/components/ui/badge.jsx)- Adds a variant-based badge component with
asChildsupport and consistent styling.
- Adds a variant-based badge component with
- Card (
src/components/ui/card.jsx)- Adds a composable card API (
Card,CardHeader,CardTitle,CardDescription,CardAction,CardContent,CardFooter) used throughout the dashboard.
- Adds a composable card API (
- Input (
src/components/ui/input.jsx)- Adds a styled input component with consistent focus/invalid/disabled states.
- Textarea (
src/components/ui/textarea.jsx)- Adds a styled textarea component with consistent behavior and sizing.
- Dialog (
src/components/ui/dialog.jsx)- Wraps
radix-uidialog primitives into a higher-level API (Dialog,DialogTrigger,DialogContent,DialogHeader,DialogFooter,DialogTitle,DialogDescription, etc.) with overlay, content animations, and optional close buttons.
- Wraps
- Button (
- Layout and Fonts
- Root layout (
src/app/layout.js)- Configures global fonts (
Geist,Geist_Mono), HTML structure, and metadata for “RACS Dashboard”.
- Configures global fonts (
- Utility (
src/lib/utils.js)- Adds a
cnhelper combiningclsxandtailwind-mergefor class name composition.
- Adds a
- Root layout (
Bug Fixes
- None explicitly addressed; this PR is primarily new functionality and dependency alignment.
Breaking Changes
- None identified in the provided code. Existing app router structure is preserved, and the Next.js change is a patch-level bump from 16.2.1 to 16.2.3.
Architecture Diagram
sequenceDiagram
participant Browser as Browser (User)
participant NextApp as Next.js App Router
participant Dashboard as Dashboard Page (src/app/page.js)
participant Supabase as Supabase Backend
participant UI as UI Components (Button/Card/Dialog/etc.)
Browser->>NextApp: Request /
NextApp-->>Browser: Render Dashboard (client component)
Browser->>Dashboard: Load / Hydrate
Dashboard->>Supabase: auth.getUser()
Supabase-->>Dashboard: User (or null)
Dashboard->>Supabase: from("reports").select().order(...)
Supabase-->>Dashboard: Reports[]
Dashboard->>UI: Render metrics, search input, report cards
Browser->>Dashboard: Click "Add report"
Dashboard->>UI: Open Dialog (DialogContent with form)
Browser->>Dashboard: Submit form
Dashboard->>Supabase: from("reports").insert(payload)
Supabase-->>Dashboard: Insert result
Dashboard->>Supabase: Re-fetch reports
Supabase-->>Dashboard: Updated Reports[]
Dashboard->>UI: Re-render list and metrics
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 3 updates in the / directory: next, hono and ip-address.
Updates
nextfrom 16.2.1 to 16.2.3Release notes
Sourced from next's releases.
Commits
d5f649bv16.2.32873928[16.x] Avoid consuming cyclic models multiple times (#75)d7c7765[backport]: Ensure app-page reports stale ISR revalidation errors via onReque...c573e8cfix(server-hmr): metadata routes overwrite page runtime HMR handler (#92273)57b8f65next-core: deduplicate output assets and detect content conflicts on emit (#9...f158df1Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)356d605turbo-tasks-backend: stability fixes for task cancellation and error handling...3b77a6eFix DashMap read-write self-deadlock in task_cache causing hangs (#92210)b2f208aBackport: new view-transitions guide, update and fixes (#92264)52faae3v16.2.2Updates
honofrom 4.12.12 to 4.12.18Release notes
Sourced from hono's releases.
... (truncated)
Commits
f10dee84.12.18a5bd9ebMerge commit from fork58d3d3aMerge commit from fork568c2ecMerge commit from forkff2b3d34.12.1752aaaf9fix(types): propagate middleware response types to app.on overloads (#4906)76d5589fix(cors): make origin optional in CORSOptions (#4905)8f027e5fix(ssg): addatom+xmlandrss+xmltodefaultExtensionMap(#4899)bfba97cfix(jsx): normalize SVG attributes on the <svg> root element (#4893)90d41824.12.16Updates
ip-addressfrom 10.1.0 to 10.2.0Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.