Skip to content

build(deps): 10 safe root bumps; defer + ignore swizzled openapi-docs#127

Merged
jab3z merged 1 commit into
mainfrom
chore/dependabot-root-safe-bumps
Jun 26, 2026
Merged

build(deps): 10 safe root bumps; defer + ignore swizzled openapi-docs#127
jab3z merged 1 commit into
mainfrom
chore/dependabot-root-safe-bumps

Conversation

@jab3z

@jab3z jab3z commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

What

Ships the 10 safe bumps from Dependabot group PR #126, and holds back the one breaking update in that group.

Why #126 wasn't mergeable as-is

#126 ("npm-root group, 11 updates") bundled one poison pill: docusaurus-theme-openapi-docs 5.0.0 → 5.1.0. 5.1.0 emptied its translationIds module (export {};), and our swizzled RequestSchema/ResponseSchema components import OPENAPI_REQUEST / OPENAPI_SCHEMA / OPENAPI_SCHEMA_ITEM from it → 4 TypeScript errors → the deploy's npm run typecheck step would fail. GitHub marked #126 "mergeable" only because there's no PR-level CI.

Verified locally: pinning just the theme back to 5.0.0 (keeping the other 10) → tsc exits 0. So the theme is the sole culprit.

Bumps in this PR (theme excluded, held at ^5.0.0)

Package Version
@docusaurus/faster · tsconfig · types 3.10.1
@easyops-cn/docusaurus-search-local 0.55.2
docusaurus-markdown-source-plugin 2.2.5
react · react-dom 19.2.7
sass 1.101.0
@apidevtools/json-schema-ref-parser 15.4.0
typescript 6.0.3

Dependabot config

Adds docusaurus-theme-openapi-docs and its sibling docusaurus-plugin-openapi-docs to the root-ecosystem ignore list. Both are swizzled (src/theme/Schema, SchemaItem, RequestSchema, ResponseSchema, ApiExplorer/*) — minor bumps break our coupled components, so they must be upgraded manually with swizzle reconciliation. Same treatment as docusaurus-plugin-mcp-server.

Verification

  • npm ci clean (lockfile in sync) ✅
  • npm run typecheck0 errors
  • npm run build[SUCCESS]
  • search-index.json 2.8MB (cap 50MB; mcp plugin untouched at 0.13.0) ✅
  • 29 API reference pages render (theme 5.0.0 intact) ✅

Follow-up

Supersedes the safe portion of #126 (closed in favor of this). The real 5.1.0 theme upgrade is deferred — it needs reconciling 5.1.0's API against 8 swizzled files (most critically the deep-link Schema/SchemaItem components). Its own scoped task.

🤖 Generated with Claude Code

…kages

Ships the 10 routine bumps from Dependabot group PR #126, holding back the
one breaking update in that group: docusaurus-theme-openapi-docs 5.0.0 ->
5.1.0. 5.1.0 emptied its translationIds module, which our swizzled
RequestSchema/ResponseSchema components import — 4 TS errors that would
fail the deploy's typecheck. GitHub marked #126 mergeable because there is
no PR-level CI; only a local typecheck caught it.

Bumped (verified typecheck + build clean):
- @docusaurus/faster / tsconfig / types -> 3.10.1
- @easyops-cn/docusaurus-search-local -> 0.55.2
- docusaurus-markdown-source-plugin -> 2.2.5
- react / react-dom -> 19.2.7
- sass -> 1.101.0
- @apidevtools/json-schema-ref-parser -> 15.4.0
- typescript -> 6.0.3

Also ignores docusaurus-theme-openapi-docs and its sibling
docusaurus-plugin-openapi-docs in dependabot.yml (root ecosystem): both are
swizzled (src/theme/Schema, SchemaItem, RequestSchema, ResponseSchema,
ApiExplorer/*) and must be upgraded manually with swizzle reconciliation,
never auto-merged.

Verified: npm ci clean, npm run typecheck 0 errors, npm run build SUCCESS,
search-index.json 2.8MB (cap 50MB), 29 API reference pages render.

Supersedes the safe portion of #126; the 5.1.0 theme upgrade is deferred to
a dedicated task.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@jab3z jab3z merged commit 895cd6d into main Jun 26, 2026
@jab3z jab3z deleted the chore/dependabot-root-safe-bumps branch June 26, 2026 17:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant