Skip to content

SK-2868 dependency upgrades#325

Merged
skyflow-bharti merged 1 commit into
release/26.6.2from
SK-2868-dependency-upgrades-skyflow-node
Jun 24, 2026
Merged

SK-2868 dependency upgrades#325
skyflow-bharti merged 1 commit into
release/26.6.2from
SK-2868-dependency-upgrades-skyflow-node

Conversation

@skyflow-bharti

@skyflow-bharti skyflow-bharti commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

SK-2868 Dependency Cleanup & Upgrades — skyflow-node

Summary

  • Removed 5 unused dev dependencies
  • Moved @babel/runtime from production to dev dependencies
  • Upgraded jwt-decode to v4 with source + test changes
  • Bumped @babel/preset-typescript, ts-jest, and @types/node to latest stable versions
  • All upgraded packages are verified ≥ 14 days old at time of merge

Production Dependencies

Package Before After Change Package Age
@babel/runtime prod 7.29.2 devDep 7.29.2 Moved — build uses tsc; Babel only runs at test time via babel-jest
jwt-decode 3.1.2 4.0.0 Upgraded — v3 is EOL; v4 switched from default export to named export { jwtDecode } 64 days

Dev Dependencies — Upgraded

Package Before After Package Age
@babel/preset-typescript 7.28.5 7.29.7 29 days
ts-jest 29.4.9 29.4.11 33 days
@types/node 18.19.130 22.19.20 18 days

Dev Dependencies — Removed (unused)

Package Reason
webpack No webpack.config.* exists; build uses tsc only
ts-loader Webpack loader, no webpack config
jest-environment-jsdom testEnvironment is "node"; jsdom is a browser env, unused in this server-side SDK
@eslint/js Not imported in eslint.config.mjs
globals Not imported in eslint.config.mjs

Source Changes

  • src/utils/jwt-utils/index.ts — updated import to jwt-decode v4 named export:
    import { jwtDecode, JwtPayload } from 'jwt-decode'
  • test/vault/utils/jwt-utils/jwt.test.js — updated mock to use jwtDecode named export
  • test/vault/utils/utils.test.js — updated import to v4 named export

Intentionally Not Changed

Package Reason
typescript (stays 5.7.3) TS 5.8+ tightened ArrayBufferLike types; src/_generated_/ (Fern-generated) fails to compile on 5.8+
node-fetch (stays 2.7.0) v3 is ESM-only; SDK builds to CommonJS — requires Fern regeneration to adopt native fetch
@babel/plugin-transform-object-assign (kept) Audit marked it removable but @babel/preset-env with IE 11 targets pulls it in at test time; removing it breaks the test suite

Test Plan

  • npm run build — passes with no TypeScript errors
  • npm test — all 1110 tests pass across 14 suites
  • All upgraded packages verified ≥ 14 days old at merge date (2026-06-23)

@github-actions

github-actions Bot commented Jun 23, 2026

Copy link
Copy Markdown

Gitleaks Findings: No secrets detected. Safe to proceed!

@github-actions

github-actions Bot commented Jun 23, 2026

Copy link
Copy Markdown

Semgrep Findings: Issues with Error level severity are found (Error is Highest severity in Semgrep), Please resolve the issues before merging.

@skyflow-bharti skyflow-bharti changed the base branch from main to release/26.6.2 June 24, 2026 06:53
@skyflow-bharti skyflow-bharti merged commit 09ed991 into release/26.6.2 Jun 24, 2026
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@saketh-skyflow saketh-skyflow saketh-skyflow approved these changes
@saileshwar-skyflow saileshwar-skyflow saileshwar-skyflow approved these changes
@Devesh-Skyflow Devesh-Skyflow Devesh-Skyflow approved these changes
@aadarsh-st aadarsh-st aadarsh-st approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@skyflow-bharti @saketh-skyflow @saileshwar-skyflow @Devesh-Skyflow @aadarsh-st