Skip to content

chore: update maintenance dependencies#620

Open
afc163 wants to merge 17 commits into
masterfrom
codex/update-maintenance-deps
Open

chore: update maintenance dependencies#620
afc163 wants to merge 17 commits into
masterfrom
codex/update-maintenance-deps

Conversation

@afc163

@afc163 afc163 commented Jun 29, 2026

Copy link
Copy Markdown
Member

Summary

  • Link the Ant Design ecosystem logo in README files to https://ant.design
  • Update React, React DOM, TypeScript, ESLint, Testing Library, @types/, @typescript-eslint/, lint-staged, and related lint dependencies
  • Add ESLint flat config compatibility for ESLint 9 and TypeScript ESLint 8
  • Use grouped Dependabot updates for npm and GitHub Actions

Test Plan

  • npm run lint
  • npm run tsc

Summary by CodeRabbit

  • 新功能

    • 更新项目配置以支持更现代的构建、类型检查与代码规范流程,提升整体开发体验与稳定性。
    • 升级了 React 相关支持要求,确保与新版本生态保持一致。
  • 文档

    • 优化了 README 顶部徽标展示,新增可点击跳转链接。
    • 修正了部分中文/英文文档中的本地安装命令展示。

@vercel

vercel Bot commented Jun 29, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
drawer Ready Ready Preview, Comment Jul 3, 2026 3:01am

@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@afc163, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 59 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 63551baa-249b-453c-bc8e-a855318cb777

📥 Commits

Reviewing files that changed from the base of the PR and between 9654511 and 8f953d5.

📒 Files selected for processing (7)
  • .eslintrc.js
  • README.md
  • README.zh-CN.md
  • eslint.config.mjs
  • global.d.ts
  • package.json
  • tsconfig.json

Walkthrough

本次变更为 dependabot.yml 新增分组配置,README 系列文档更新徽标链接并意外改动安装命令文本,新增 eslint.config.mjs(Flat Config)与 global.d.ts 全局类型声明,升级 package.json 中依赖版本(含 react/react-dom 至 ^19.2.7),并调整 tsconfig.json 的模块解析与严格性选项。

Changes

工具链与依赖升级

Layer / File(s) Summary
ESLint Flat Config 迁移
eslint.config.mjs
新增文件,使用 FlatCompat 转换 legacy .eslintrc.js,过滤/保留 @typescript-eslint/* 规则,注入 no-op 规则并关闭部分 TS 规则。
全局类型声明补充
global.d.ts
新增模块声明(css/less/jsonp/moment locale)、JSX 命名空间扩展、jest Matchers 扩展方法及全局 vi mock 类型声明。
依赖版本升级与 peerDependencies 调整
package.json
批量升级 ESLint/TypeScript/测试相关依赖,新增 @babel/eslint-parser,将 react/react-dom 的 devDependencies 与 peerDependencies 收紧至 ^19.2.7
TypeScript 编译配置调整
tsconfig.json
moduleResolution 改为 bundler,新增 module: "ESNext",关闭多项严格性选项,调整 paths 相对路径前缀,include 显式加入 global.d.ts

文档与 CI 配置更新

Layer / File(s) Summary
Dependabot 分组配置
.github/dependabot.yml
为 npm 与 github-actions 两个 ecosystem 新增 groups 配置,patterns 设为匹配所有依赖('*')。
README 徽标链接与安装命令文本更新
README.md, README.zh-CN.md
Ant Design 徽标改为指向 ant.design 的超链接图片;两处示例代码块中的 npm install 被替换为 ut install

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

无(本次变更主要为配置、依赖版本升级及文档文本调整,不涉及多组件交互流程)。

Poem

兔窝里新增了几行规则,
依赖升级像胡萝卜换了新鲜的,
可惜 README 里 npm 变成了 ut,
望有心的兔子帮忙修一修~ 🥕
配置文件多又长,
但愿审查顺畅又欢畅!🐰✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed 标题准确概括了本次以维护性依赖升级和相关配置更新为主的变更。
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/update-maintenance-deps

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@socket-security

socket-security Bot commented Jun 29, 2026

Copy link
Copy Markdown

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates project dependencies (including React 19, TypeScript 6, and ESLint 9), configures Dependabot grouping, adds an ESLint flat configuration, and introduces global type definitions. Feedback on these changes highlights several type safety and configuration issues: disabling strict type-checking in 'tsconfig.json' increases runtime risks; declaring testing globals as 'any' in 'global.d.ts' overrides strongly-typed Jest definitions; dynamically filtering ESLint rules in 'eslint.config.mjs' is fragile compared to a full flat config migration; and globally overriding standard 'react' module types in 'react-compat.d.ts' can cause type conflicts for package consumers.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread tsconfig.json Outdated
Comment thread global.d.ts Outdated
Comment thread eslint.config.mjs Outdated
Comment thread react-compat.d.ts Outdated
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

✅ Preview is ready!

PR preview ✅ Ready ✅ Ready
🔗 Preview https://react-component-drawer-preview-pr-620.surge.sh
📝 Commit8f953d5
⏱️ Build time26.944s
📦 Size4.5 MB (+1.1 KB ⬆️) · 67 files
🪵 LogsView logs
📱 MobileScan to open preview on mobile

↩️ Previous: ⚡️ 8f953d5 · react-component-drawer-preview-pr-620.surge.sh (open ↗) · 2026-07-03 03:02:28 UTC

🤖 Powered by surge-preview

@codecov

codecov Bot commented Jun 30, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (bf76c6a) to head (8f953d5).

Additional details and impacted files
@@            Coverage Diff            @@
##            master      #620   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            7         7           
  Lines          209       209           
  Branches        75        75           
=========================================
  Hits           209       209           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown

React Doctor skipped this pull request — it changed no React files.

Reviewed by React Doctor for commit 8f953d5.

@vercel

vercel Bot commented Jun 30, 2026

Copy link
Copy Markdown

Deployment failed with the following error:

Resource is limited - try again in 24 hours (more than 100, code: "api-deployments-free-per-day").

Learn More: https://vercel.com/react-component?upgradeToPro=build-rate-limit

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Nitpick comments (3)
eslint.config.mjs (3)

97-103: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

末尾整体关闭三条规则,尤其 no-unused-vars 被完全禁用

@typescript-eslint/no-unused-vars 被设为 'off',而不是收窄到更宽松的选项(如 argsIgnorePattern: '^_'),这会导致未使用变量/参数完全不受 lint 检查,属于代码质量把关的整体放宽。若是临时规避升级期间的报错噪音,建议加 TODO 注释并关联后续跟踪 issue,避免长期遗忘。

💡 建议的收窄方式
   {
     rules: {
       '`@typescript-eslint/no-empty-object-type`': 'off',
       '`@typescript-eslint/no-unsafe-function-type`': 'off',
-      '`@typescript-eslint/no-unused-vars`': 'off',
+      '`@typescript-eslint/no-unused-vars`': [
+        'warn',
+        { argsIgnorePattern: '^_', varsIgnorePattern: '^_' },
+      ],
     },
   },
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@eslint.config.mjs` around lines 97 - 103, The ESLint config is disabling
`@typescript-eslint/no-unused-vars` entirely in the rules block, which overly
weakens linting. Update the configuration near the `rules` object to keep
`no-unused-vars` enabled with narrower ignore settings such as an
underscore-based pattern for intentional unused args/vars, and avoid turning the
rule fully off. If this disablement is only temporary, add a TODO with a
follow-up reference so it can be restored later.

39-42: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

noopRule 变通方案缺少说明性注释

用一个空实现替换 @typescript-eslint/consistent-type-exports 是一种合理但不常见的手段(用于避免规则缺失/不兼容导致 flat config 报错),但没有任何注释解释为什么需要这么做。建议补充一句注释,方便后续升级依赖时判断该 workaround 是否仍然必要。

Also applies to: 85-95

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@eslint.config.mjs` around lines 39 - 42, The noopRule workaround in the
eslint config is missing an explanatory comment, so add a brief note near the
noopRule definition and its use in the flat config explaining that it
intentionally replaces `@typescript-eslint/consistent-type-exports` to avoid
missing/incompatible rule errors. Keep the comment tied to noopRule and the
ESLint config setup so future dependency upgrades can quickly determine whether
the workaround is still needed.

44-67: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

normalizeConfig 会静默丢弃大量非 recommended 的 @typescript-eslint 规则

该函数仅保留 recommendedTsRules(v8 插件的 recommended 预设)与 localTsRules.eslintrc.js 顶层 rules 中显式覆盖且仍存在于当前插件的规则)。但 legacyConfig 通过 extends: [require.resolve('@umijs/fabric/dist/eslint')] 引入的其余 @typescript-eslint 规则(很可能包含许多非 recommended 但被 fabric 显式启用的规则)会被整体过滤掉,且没有任何注释说明这一取舍的原因和范围。这会导致实际生效的 TS 相关 lint 规则集与历史配置意图产生隐性偏差,且难以被后续维护者察觉。

建议:

  • 在此处添加注释说明为什么要做这层过滤(例如:规避 v8 中已重命名/移除规则导致 compat.config 报错)。
  • 或者显式列出需要保留/排除的规则名单,而不是用"是否存在于当前插件"这一宽松标准隐式判断。
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@eslint.config.mjs` around lines 44 - 67, normalizeConfig 里对
`@typescript-eslint` 规则的过滤会静默丢掉来自 legacyConfig / fabric 预设的非 recommended 规则。请在
normalizeConfig 中明确说明这层过滤的目的与范围,或改为显式维护需要保留/排除的规则名单,避免仅依赖 recommendedTsRules 和
localTsRules 造成隐性配置偏差;重点定位 normalizeConfig、recommendedTsRules、localTsRules 以及
next.rules 的过滤逻辑。
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Around line 91-93: The peerDependencies for react and react-dom are too
narrowly pinned to ^19.2.7 and should be widened to keep downstream
compatibility. Update the package.json peerDependencies to accept the React 18+
range used by consumers (for example a React 18/19 compatible interval), while
keeping the newer React version in devDependencies for local development and
testing.

In `@README.md`:
- Line 51: The install command was accidentally changed to ut install in the
user-facing docs, but the project does not define any ut command and the
deployment config still uses npm install. Update the affected README install
instructions back to npm install in the referenced install-command text, and
make sure any other visible installation command in the same docs section is
restored consistently.

In `@README.zh-CN.md`:
- Line 51: The install command in the README was changed to ut install, which
does not match the project setup. Restore the installation instructions in
README.zh-CN.md to use npm install, and make the same correction in the
corresponding install command in README.md so both documents stay consistent
with vercel.json and the actual tooling.

In `@tsconfig.json`:
- Around line 14-20: The tsconfig strictness block is globally disabling type
safety, which degrades emitted declaration quality and hides real typing issues.
Update the TypeScript configuration by removing the blanket strict false setup
in tsconfig.json and re-enable strict mode (including the listed flags) so the
project stays in strict mode; if specific files fail, fix those targeted errors
in the affected symbols rather than relaxing the whole compiler config.

---

Nitpick comments:
In `@eslint.config.mjs`:
- Around line 97-103: The ESLint config is disabling
`@typescript-eslint/no-unused-vars` entirely in the rules block, which overly
weakens linting. Update the configuration near the `rules` object to keep
`no-unused-vars` enabled with narrower ignore settings such as an
underscore-based pattern for intentional unused args/vars, and avoid turning the
rule fully off. If this disablement is only temporary, add a TODO with a
follow-up reference so it can be restored later.
- Around line 39-42: The noopRule workaround in the eslint config is missing an
explanatory comment, so add a brief note near the noopRule definition and its
use in the flat config explaining that it intentionally replaces
`@typescript-eslint/consistent-type-exports` to avoid missing/incompatible rule
errors. Keep the comment tied to noopRule and the ESLint config setup so future
dependency upgrades can quickly determine whether the workaround is still
needed.
- Around line 44-67: normalizeConfig 里对 `@typescript-eslint` 规则的过滤会静默丢掉来自
legacyConfig / fabric 预设的非 recommended 规则。请在 normalizeConfig
中明确说明这层过滤的目的与范围,或改为显式维护需要保留/排除的规则名单,避免仅依赖 recommendedTsRules 和 localTsRules
造成隐性配置偏差;重点定位 normalizeConfig、recommendedTsRules、localTsRules 以及 next.rules
的过滤逻辑。
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 16430b63-6422-4bb6-b22a-9896945075e8

📥 Commits

Reviewing files that changed from the base of the PR and between bf76c6a and 9654511.

📒 Files selected for processing (7)
  • .github/dependabot.yml
  • README.md
  • README.zh-CN.md
  • eslint.config.mjs
  • global.d.ts
  • package.json
  • tsconfig.json

Comment thread package.json Outdated
Comment thread README.md Outdated
Comment thread README.zh-CN.md Outdated
Comment thread tsconfig.json Outdated
@afc163

afc163 commented Jul 1, 2026

Copy link
Copy Markdown
Member Author

Related to ant-design/ant-design#58514.

Copilot AI review requested due to automatic review settings July 2, 2026 03:54

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the repo’s maintenance tooling and docs to align with newer React/TypeScript/ESLint ecosystems, including migrating to ESLint’s flat config and improving Dependabot automation.

Changes:

  • Updated dev dependencies (React/React DOM, TypeScript, ESLint + related plugins, Testing Library, etc.).
  • Migrated from legacy .eslintrc.js to eslint.config.mjs (flat config) and added global.d.ts to centralize ambient type/module declarations.
  • Updated README Ant Design ecosystem logo to link to https://ant.design and grouped Dependabot updates for npm and GitHub Actions.

Reviewed changes

Copilot reviewed 6 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
tsconfig.json Switches module resolution mode and adjusts TS options/includes for the updated toolchain.
README.md Wraps the Ant Design ecosystem logo with a link to ant.design.
README.zh-CN.md Same as README.md for the Chinese README.
package.json Updates dev dependency versions to newer React/TS/ESLint/testing tooling.
global.d.ts Adds ambient references and module declarations used by TS builds/tests/docs.
eslint.config.mjs Introduces ESLint flat config compatible with ESLint 9 / typescript-eslint 8.
.github/dependabot.yml Adds grouped Dependabot updates for npm dependencies and GitHub Actions.
.eslintrc.js Removes legacy ESLint config in favor of the new flat config.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread package.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants