#478: dependencies updated to 2026-03-30

[basmasking]

Fixes #478

Changes proposed in this pull request:

• updated dependencies
• bumped version 0.1.4

@MaskingTechnology/comify

[coderabbitai]

Summary by CodeRabbit

• Chores
  • Bumped app version to 0.1.4
  • Updated dependencies: react-router-dom, @eslint/js, and @jitar/plugin-vite to latest compatible versions
  • Added build configuration override for improved build stability

Walkthrough

The package manifest version was incremented from 0.1.2 to 0.1.4, accompanied by a new npm version script. Dependency versions were updated for react-router-dom, @eslint/js, and @jitar/plugin-vite. An npm overrides block was added to pin @rollup/plugin-terser to version 1.0.0.

Changes

Cohort / File(s)	Summary
Package Configuration package.json	Version bumped to 0.1.4; added npm version script; updated dependencies (react-router-dom 7.13.1→7.13.2, @eslint/js 9.39.2→9.39.4, @jitar/plugin-vite 0.10.6→0.10.7); added @rollup/plugin-terser override to 1.0.0.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• #450: Updates multiple overlapping dependencies including react-router-dom, @eslint/js, and @jitar/plugin-vite with version increments.
• #473: Continues dependency bump progression and versioning changes to package.json.
• #425: Updates the same @eslint/js dependency version in package.json.

Suggested reviewers

• petermasking

Poem

🐰 Hop, hop! The versions dance with glee,
Dependencies updated, fresh as can be,
From 0.1.2 to 0.1.4 we climb,
With terser pinned and scripts so fine,
A rabbit's delight, this manifest of rhyme! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly references the issue (#478) and summarizes the main change (dependencies updated with a specific date).
Description check	✅ Passed	The description follows the template structure with issue reference, bullet points for changes, and team mention, though change details are minimal.
Linked Issues check	✅ Passed	The PR addresses issue #478 by updating dependencies and bumping the version as indicated, meeting the linked issue objective.
Out of Scope Changes check	✅ Passed	All changes are in-scope: dependency updates, version bump, and addition of a version script align with the dependency update objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@package.json`:
- Line 20: The "version" npm script currently runs "npm version $VERSION
--no-git-tag-version", which triggers npm's version lifecycle recursively;
rename the script key (e.g., from "version" to "set-version" or
"update-version") and update any callers to use the new script name so you no
longer collide with npm's built-in version lifecycle hook; ensure the script
value remains "npm version $VERSION --no-git-tag-version" (or call the
underlying versioning command directly) and update CI/README references that
invoke the old "version" script.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3f4d1f63-a914-48e5-8859-73143a71f1fb

📥 Commits

Reviewing files that changed from the base of the PR and between bdcba0e and 83c1df5.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "scripts.version:"
jq -r '.scripts.version // "<missing>"' package.json

echo
if jq -r '.scripts.version // ""' package.json | grep -Eq '\bnpm[[:space:]]+version\b'; then
  echo "Potential recursion risk: scripts.version invokes 'npm version'."
else
  echo "No self-invocation pattern detected."
fi

Repository: MaskingTechnology/comify

Length of output: 192

---

Avoid recursive npm version invocation in the version lifecycle script.

The version script at line 20 invokes npm version, creating a recursion risk. When npm version runs, it triggers the version lifecycle script, which re-invokes npm version recursively. Rename the script to avoid the npm lifecycle hook collision.

Proposed fix

-    "version": "npm version $VERSION --no-git-tag-version",
+    "set-version": "npm version $VERSION --no-git-tag-version",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"version": "npm version $VERSION --no-git-tag-version",
	"set-version": "npm version $VERSION --no-git-tag-version",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` at line 20, The "version" npm script currently runs "npm
version $VERSION --no-git-tag-version", which triggers npm's version lifecycle
recursively; rename the script key (e.g., from "version" to "set-version" or
"update-version") and update any callers to use the new script name so you no
longer collide with npm's built-in version lifecycle hook; ensure the script
value remains "npm version $VERSION --no-git-tag-version" (or call the
underlying versioning command directly) and update CI/README references that
invoke the old "version" script.