[Snyk] Upgrade @swc/core from 1.3.68 to 1.15.10#12153
Conversation
Snyk has created this PR to upgrade @swc/core from 1.3.68 to 1.15.10. See this package in yarn: @swc/core See this project in Snyk: https://app.snyk.io/org/q1bluequantumblockchainlabs.onmicrosoft.com/project/78e89a11-7570-4c90-8650-785847255aa5?utm_source=github&utm_medium=referral&page=upgrade-pr
Review or Edit in CodeSandboxOpen the branch in Web Editor • VS Code • Insiders |
Summary of ChangesHello @q1blue, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request automates the upgrade of the Highlights
Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
WalkthroughThis PR upgrades the SWC compiler toolchain in the Storybook package from version 1.3.x to 1.15.x, representing a significant minor version jump. The update affects both the package.json dependency declaration and the yarn.lock file, which reflects the actual resolved versions and their platform-specific binaries. The upgrade introduces two new dependencies (@swc/counter and @swc/types) and relaxes the peer dependency constraint for @swc/helpers. All platform-specific binaries (darwin, linux, win32) across different architectures (arm64, x64, ia32, arm) are updated with new checksums. This modernization brings potential performance improvements, bug fixes, and new features from multiple intermediate SWC releases. Changes
Sequence DiagramThis diagram shows the interactions between components: sequenceDiagram
participant App as Storybook Application
participant SWC as @swc/core (v1.15.11)
participant Counter as @swc/counter
participant Types as @swc/types
participant Binary as Platform Binary
participant Helpers as @swc/helpers (peer)
Note over App,Helpers: Dependency Update: @swc/core 1.3.46 → 1.15.10
App->>SWC: Install/Update dependency
activate SWC
SWC->>Counter: Require @swc/counter (^0.1.3)
activate Counter
Counter-->>SWC: Provide counter utilities
deactivate Counter
SWC->>Types: Require @swc/types (^0.1.25)
activate Types
Types->>Counter: Require @swc/counter
activate Counter
Counter-->>Types: Provide counter utilities
deactivate Counter
Types-->>SWC: Provide type definitions
deactivate Types
SWC->>Binary: Load platform-specific binary<br/>(darwin-arm64, linux-x64, win32-x64, etc.)
activate Binary
Binary-->>SWC: Native compilation capabilities
deactivate Binary
opt Peer Dependency Available
App->>Helpers: Optionally provide @swc/helpers (>=0.5.17)
Helpers-->>SWC: Runtime helper functions
end
SWC-->>App: Ready for transpilation
deactivate SWC
Note over App,Helpers: New dependencies: @swc/counter, @swc/types<br/>Updated peer dependency constraint
Note for WindsurfPlease change the default marketplace provider to the following in the windsurf settings:Marketplace Extension Gallery Service URL: https://marketplace.visualstudio.com/_apis/public/gallery Marketplace Gallery Item URL: https://marketplace.visualstudio.com/items Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts belowEmoji Descriptions:
Interact with the Bot:
Also you can trigger various commands with the bot by doing The current supported commands are
More commands to be added soon. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This PR upgrades @swc/core in the storybook package. I've raised a high-severity concern regarding the significant version jump, which increases the risk of breaking changes. I also pointed out that this change introduces a version inconsistency for @swc/core across packages in the monorepo, which is a maintainability concern. Please see the detailed comment in storybook/package.json.
| }, | ||
| "dependencies": { | ||
| "@swc/core": "^1.3.46", | ||
| "@swc/core": "^1.15.10", |
There was a problem hiding this comment.
This is a very large version jump for @swc/core (from 1.3.x to 1.15.x), which carries a high risk of breaking changes that could affect the Storybook build, despite Snyk's metadata indicating otherwise.
Additionally, this update creates a version inconsistency for @swc/core within the monorepo, as the packages/cli package remains on an older version (^1.3.46). For better maintainability, it's recommended to align dependency versions across the monorepo. Consider upgrading @swc/core and its related packages (like @swc/helpers) in packages/cli as well, either in this PR or a follow-up.
|
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution! |
2 participants
Snyk has created this PR to upgrade @swc/core from 1.3.68 to 1.15.10.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 484 versions ahead of your current version.
The recommended version was released 25 days ago.
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
EntelligenceAI PR Summary
This PR upgrades the SWC compiler toolchain in the Storybook package from version 1.3.x to 1.15.x.