Skip to content

Update dependencies#687

Merged
curquiza merged 12 commits into
mainfrom
chore/bump-dependencies
Jul 1, 2026
Merged

Update dependencies#687
curquiza merged 12 commits into
mainfrom
chore/bump-dependencies

Conversation

@Strift

@Strift Strift commented Apr 20, 2026

Copy link
Copy Markdown
Contributor

Pull Request

What does this PR do?

  • Bump meilisearch to v0.57.0
  • Bump @meilisearch/instant-meilisearch to v0.31.2 (latest compatible with meilisearch@^0.57)

Dev dependencies updates to align with JS SDK tooling:

  • Migrate from eslint to oxlint (internal)
  • Migrate from prettier to oxfmt (internal)

PR checklist

Please check if your PR fulfills the following requirements:

  • Did you use any AI tool while implementing this PR (code, tests, docs, etc.)? If yes, disclose it in the PR description and describe what it was used for. AI usage is allowed when it is disclosed.
    Used Cursor AI assistance for rebase conflict resolution, dependency version checks, and running verification commands.
  • Does this PR fix an existing issue, or have you listed the changes applied in the PR description (and why they are needed)?
  • Have you read the contributing guidelines?
  • Have you made sure that the title is accurate and descriptive of the changes?

Thank you so much for contributing to Meilisearch!

Summary by CodeRabbit

  • Bug Fixes

    • Updated Meilisearch client dependencies to maintain compatibility with the latest library behavior.
  • Chores

    • Switched linting/formatting tooling and CI checks to the newer oxlint/oxfmt setup.
    • Updated editor formatter/lint integration and repo formatting/lint configuration.
  • Tests

    • Added end-to-end coverage for the “API key required” flow, including wrong vs. valid key entry and API key changes via the settings modal.

@coderabbitai

coderabbitai Bot commented Apr 20, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d32eb6fa-8aa2-4031-9efb-0c99d8439ff4

📥 Commits

Reviewing files that changed from the base of the PR and between d7dce62 and 3d5ce17.

📒 Files selected for processing (2)
  • .vscode/settings.json
  • cypress/support/commands.js
🚧 Files skipped from review as they are similar to previous changes (2)
  • .vscode/settings.json
  • cypress/support/commands.js

📝 Walkthrough

Walkthrough

This PR replaces ESLint/Prettier tooling with oxlint/oxfmt, updates Meilisearch import and Cypress task-wait patterns, adds an API key end-to-end test, and makes minor documentation and markup edits.

Changes

Lint and format tooling migration

Layer / File(s) Summary
Tooling configs and package wiring
.eslintrc.json, .oxfmtrc.json, .oxlintrc.json, .github/workflows/tests.yml, .vscode/extensions.json, .vscode/settings.json, package.json, .yarnrc.yml
Removes ESLint config, adds oxlint/oxfmt configs, updates CI/editor wiring, changes package scripts and dependencies, and reformats Yarn package extensions.
Oxlint directive updates
cypress.config.js, src/components/Results/index.jsx, src/hooks/useLocalStorage.js, validate-env.js, src/components/Header/index.jsx, src/components/Results/Hit.jsx
Replaces ESLint suppression comments with oxlint equivalents in source and Cypress config files.

Meilisearch client and Cypress flow updates

Layer / File(s) Summary
Meilisearch import updates
src/App.jsx, src/components/ApiKeyModalContent.jsx, src/context/MeilisearchClientContext.jsx, src/utils/hasAnApiKeySet.js
Switches Meilisearch imports to the direct named export across the app and utility code.
Cypress task waiting helpers
cypress/support/commands.js
Updates Cypress support commands to use chained .waitTask() and waits for all index deletions to complete.
API key end-to-end test
cypress/e2e/test-api-key-required.cy.js
Adds an end-to-end suite covering API key prompts, valid and invalid submissions, and key persistence in settings.

Documentation and markup edits

Layer / File(s) Summary
Docs and markup formatting
CONTRIBUTING.md, README.md, index.html
Adds blank lines in contributing guidance, changes README emphasis markers, and updates the HTML doctype casing.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
    participant CypressTest
    participant DashboardUI
    participant ApiKeyModal
    participant MeilisearchClient

    CypressTest->>DashboardUI: visit("/")
    DashboardUI->>ApiKeyModal: show API key prompt
    CypressTest->>ApiKeyModal: enter wrong API key
    ApiKeyModal->>MeilisearchClient: updateClient(wrong key)
    MeilisearchClient-->>ApiKeyModal: error
    ApiKeyModal-->>CypressTest: show invalid key message
    CypressTest->>ApiKeyModal: enter valid API key
    ApiKeyModal->>MeilisearchClient: updateClient(valid key)
    MeilisearchClient-->>ApiKeyModal: success
    ApiKeyModal-->>DashboardUI: close modal
Loading

Poem

A rabbit hopped by lantern glow,
From ESLint trails to oxlint snow.
It clicked the key, both right and wrong,
Then waited tasks all snug and long.
With docs tidied, the burrow sings 🐇

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is related to the main change: dependency and tooling updates across the project.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/bump-dependencies

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@Strift Strift self-assigned this Apr 20, 2026
@Strift Strift added the maintenance Issue about maintenance (CI, tests, refacto...) label Apr 20, 2026
@Strift
Strift requested a review from curquiza April 22, 2026 04:35
@curquiza

Copy link
Copy Markdown
Member

@Strift should I review since it's in draft?

@Strift
Strift removed the request for review from curquiza May 4, 2026 06:46
@Strift
Strift force-pushed the chore/bump-dependencies branch from 8144648 to d7dce62 Compare June 30, 2026 06:28
@Strift Strift changed the title Update meilisearch dependencies Update dependencies Jun 30, 2026
@Strift
Strift marked this pull request as ready for review July 1, 2026 04:27

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/tests.yml (1)

11-26: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Missing explicit permissions block on linter_check job.

Static analysis flags the job for relying on default (overly broad) GITHUB_TOKEN permissions. Since this job only checks out code and runs lint/format, it doesn't need write access.

🔒 Suggested fix
   linter_check:
     runs-on: ubuntu-latest
     name: linter-check
+    permissions:
+      contents: read
     steps:
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/tests.yml around lines 11 - 26, Add an explicit
permissions block to the linter_check job in the tests workflow so it does not
inherit broad default GITHUB_TOKEN access. Since this job only uses
actions/checkout and runs yarn lint and yarn format:check, set the job-level
permissions to read-only for repository contents using the linter_check job
definition.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.vscode/settings.json:
- Around line 2-7: The VS Code settings are inconsistent because oxfmt is
disabled while editor.defaultFormatter and editor.formatOnSave still rely on
oxc.oxc-vscode. Update the settings in this block so formatting on save works
again by either re-enabling oxc.enable.oxfmt or switching the default formatter
away from oxc.oxc-vscode, and keep the formatter-related keys aligned.

In `@cypress/support/commands.js`:
- Around line 12-15: The deleteAllIndexes flow is still not awaiting the async
deletions because indexes.forEach ignores the promises from
client.deleteIndex(index.uid).waitTask(). Update the logic in deleteAllIndexes
to collect the per-index delete promises with map and await them with
Promise.all so the function only resolves after all index deletions complete.

---

Nitpick comments:
In @.github/workflows/tests.yml:
- Around line 11-26: Add an explicit permissions block to the linter_check job
in the tests workflow so it does not inherit broad default GITHUB_TOKEN access.
Since this job only uses actions/checkout and runs yarn lint and yarn
format:check, set the job-level permissions to read-only for repository contents
using the linter_check job definition.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3775516c-c2e8-465d-8f35-57dd2a2bae9a

📥 Commits

Reviewing files that changed from the base of the PR and between 8aff50d and d7dce62.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (26)
  • .eslintignore
  • .eslintrc.json
  • .github/workflows/tests.yml
  • .oxfmtrc.json
  • .oxlintrc.json
  • .prettierrc
  • .vscode/extensions.json
  • .vscode/settings.json
  • .yarnrc.yml
  • CONTRIBUTING.md
  • README.md
  • cypress.config.js
  • cypress/e2e/test-api-key-query-param.cy.js
  • cypress/e2e/test-api-key-required.cy.js
  • cypress/support/commands.js
  • index.html
  • package.json
  • src/App.jsx
  • src/components/ApiKeyModalContent.jsx
  • src/components/Header/index.jsx
  • src/components/Results/Hit.jsx
  • src/components/Results/index.jsx
  • src/context/MeilisearchClientContext.jsx
  • src/hooks/useLocalStorage.js
  • src/utils/hasAnApiKeySet.js
  • validate-env.js
💤 Files with no reviewable changes (6)
  • .prettierrc
  • .eslintrc.json
  • cypress/e2e/test-api-key-query-param.cy.js
  • .eslintignore
  • cypress.config.js
  • cypress/e2e/test-api-key-required.cy.js

Comment thread .vscode/settings.json Outdated
Comment thread cypress/support/commands.js Outdated
@Strift

Strift commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

@curquiza we're now ready for a review 🙏

@curquiza
curquiza added this pull request to the merge queue Jul 1, 2026
Merged via the queue into main with commit de108d9 Jul 1, 2026
5 checks passed
@curquiza
curquiza deleted the chore/bump-dependencies branch July 1, 2026 06:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

maintenance Issue about maintenance (CI, tests, refacto...)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants