Dependency package updates

[kentcdodds]

Summary

Updates various dependencies as requested, including @sly-cli/sly, @types/eslint, @types/node, @types/react, @types/react-dom, @paralleldrive/cuid2, cross-env, bcryptjs, close-with-grace, cookie, cron-parser, date-fns, dotenv, filenamify, glob, helmet, litefs-js, node-html-parser, react, react-dom, remix-utils, set-cookie-parser, and sonner.

This PR addresses breaking changes and type updates from these new versions, such as:

• Adjusting JSX.Element to ReactElement and JSX.IntrinsicElements['label'] to React.LabelHTMLAttributes<HTMLLabelElement> due to @types/react updates.
• Making honeypot.check and honeypot.getInputProps asynchronous.
• Updating cron-parser usage from cronParser.parseExpression to CronExpressionParser.parse.
• Correcting litefs-js import path.
• Updating e2e test assertions to match new UI text and adjusting timing in use-double-check.test.tsx.

Test Plan

• Ran DATABASE_URL="file:./tests/prisma/base.db" CACHE_DATABASE_PATH="./tests/prisma/cache.db" npm run validate (full gate) to cover lint, typecheck, unit, and e2e tests.
• Updated Playwright expectation in tests/e2e/send.test.ts and misc.use-double-check.test.tsx to align with new dependency behavior/types.

Checklist

• Tests updated
• Docs updated

Screenshots

N/A

---

 

---

Note

Medium Risk
Broad dependency upgrades (including React 19) plus behavior changes in spam protection and cron parsing can cause runtime regressions that are hard to predict despite small code diffs.

Overview
Updates a large set of dependencies, including React/React DOM to v19, remix-utils, cron-parser, litefs-js, and various tooling/libs, with corresponding lockfile changes.

Adapts the app to upstream breaking changes: honeypot.check/honeypot.getInputProps are now awaited (including auth actions and root loader), cron-parser usage switches to CronExpressionParser.parse, and the LiteFS Remix import is updated.

Adjusts TypeScript/React typings by replacing JSX.Element/JSX.IntrinsicElements[...] annotations with ReactElement/React DOM attribute types, and updates unit/e2e tests to be less timing-sensitive and to match updated UI copy.

^{Written by Cursor Bugbot for commit 32d1207. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[kentcdodds]

@cursor rebase on main

[cursor]

Taking a look!

 

[kentcdodds]

@cursor, CI install is failing due to issues with package-lock. Please fix

[cursor]

Summary

• Regenerated package-lock.json so optional platform binaries (for example @sentry/cli-darwin) are present for npm ci on CI.【F:package-lock.json†L6548-L6576】

Testing

• ✅ npx npm@latest ci (validate the lockfile with the npm version used in CI’s install step).【58a53f†L1-L16】
• Manual testing not run since this is a lockfile-only change.