#6304 - Release 3.7: Upgrade packages#6312
Open
sh16011993 wants to merge 1 commit into
Open
Conversation
|
weskubo-cgi
requested changes
Jun 29, 2026
| </body-header> | ||
| </template> | ||
| <content-group> | ||
| <form-submission-items |
Collaborator
There was a problem hiding this comment.
While this change isn't wrong this appears to be an entirely unrelated commit.
dheepak-aot
approved these changes
Jul 3, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.





As a part of this PR, the following packages were upgraded:
Routine dependency upgrades for the web and backend packages. Applied via
npm-check-updates, holding back high-risk majors as noted below. Includes one source fix required by the@types/nodev26 bump.Web package — 8 upgraded
@types/node@vue/eslint-config-typescriptaxioseslintprettieruuidvitevueExcluded (web-formio group):
@formio/*,bootstrap*,@fortawesome/fontawesome-free.Backend package — 22 upgraded
@aws-sdk/client-s3@bull-board/api@bull-board/express@bull-board/nestjs@bull-board/ui@faker-js/faker@nestjs/typeorm@types/nodeaxioscron-parsereslintglobalsioredispapaparsepgprettierqsts-loadertypescript-eslintunzipperuuidwebpackExcluded (held back intentionally):
typeorm(0.3.30 → 1.0.0) andredis(5.12.1 → 6.0.1) majors.Source change required by
@types/nodev26@types/nodev26 widened theBinaryLiketype to includeArrayBuffer, whichcrypto'sHash.update()does not accept — breaking the build inlibs/utilities/src/hash-utils.ts. Fixed by narrowing thehashObjectToHexparameter tostring | NodeJS.ArrayBufferView(whatupdate()accepts, and whatBinaryLikeresolved to before v26). All callers passstringorBuffer, so no caller is affected. Also switched the import tonode:cryptoto match the codebase convention.Verification
npm run lint(0 errors),npm run build✅npm run build✅;npm run lintshows only pre-existing issues (verified identical error count on pre-upgrade deps)npm audit fix(non-breaking) — resolved 2 advisories via lockfile-only transitive bumps; nopackage.jsonchangesNotes
npm auditadvisories require--force(would churn the NestJS stack across majors) or have no upstream fix; left for a deliberate follow-up.typeorm1.0.0 andredis6.0.1 majors deferred to dedicated PRs given their breakage risk.