Skip to content

Dedupe dependencies #6085

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Murderlon merged 7 commits into from
Dec 5, 2025
Merged

Dedupe dependencies #6085

Murderlon merged 7 commits into from
Dec 5, 2025
+237 −3,530

Conversation

@Murderlon
Copy link
Member

@Murderlon Murderlon commented Dec 3, 2025
edited by cursor bot
Loading

With yarn dedupe. New type error surfaced due to new types getting loaded.

Note

Dedupes dependencies and updates code: aligns S3 presign tests with checksum behavior, narrows HMAC key type, tweaks AudioOscilloscope buffer typing, and simplifies Tus success logging.

  • AWS S3:
    • Tests: add requestChecksumCalculation (from @aws-sdk/middleware-flexible-checksums) to S3Client options to match presign behavior.
    • Impl: change generateHmacKey signature to accept string | ArrayBuffer (remove Uint8Array).
  • Audio:
    • AudioOscilloscope: change dataArray type to Uint8Array<ArrayBuffer>.
  • Tus:
    • Simplify success log to Download <url> (remove file name extraction).
  • Dependencies:
    • Deduplicate/upgrade various packages in lockfile.

Written by Cursor Bugbot for commit 5b95865. This will update automatically on new commits. Configure here.

@Murderlon Murderlon self-assigned this Dec 3, 2025
@changeset-bot
Copy link

changeset-bot bot commented Dec 3, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 5b95865

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@Murderlon Murderlon mentioned this pull request Dec 3, 2025
Merged
Murderlon
Murderlon commented Dec 3, 2025
View reviewed changes
packages/@uppy/tus/src/index.ts

if (upload.url) {
// @ts-expect-error not typed in tus-js-client
const { name } = upload.file
Copy link
Member Author

@Murderlon Murderlon Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't exist and caused type errors again 🤔

@Murderlon Murderlon requested review from mifi and qxprakash December 3, 2025 10:33
@Murderlon
Merge branch 'main' into dedupe-yarn
0fc571d 
* main:
  [ci] release (#6087)
  build(deps): bump next from 15.5.2 to 15.5.7 (#6088)
  Introduce @uppy/image-generator (#6056)
@Murderlon
dedupe again
5b95865
@socket-security
Copy link

socket-security bot commented Dec 5, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​changesets/​changelog-github@​0.5.11001006789100
Added@​angular/​platform-browser-dynamic@​19.2.171001007098100
Added@​sveltejs/​adapter-auto@​4.0.0991007091100
Added@​angular/​platform-browser@​19.2.17991007598100
Addednpm-run-all@​4.1.5991009875100
Added@​typescript-eslint/​types@​7.18.01001007698100
Added@​typescript-eslint/​utils@​7.18.01001007798100
Added@​angular/​forms@​19.2.17971007798100
Added@​angular/​router@​19.2.17951007898100
Added@​angular/​common@​19.2.1798100799860
Added@​angular/​compiler@​19.2.171001007998100
Added@​types/​react@​19.1.121001008096100
Added@​angular/​core@​19.2.171001008098100
Added@​angular-devkit/​build-angular@​19.2.15961008197100
Addedrxjs@​7.8.19910010084100
Addedturbo@​2.5.41001008698100
Addedzone.js@​0.15.010010010087100
Addedformidable@​3.5.11009310089100
Addedtypescript@​5.5.41001009010090
Addedtypescript@​5.7.31001009010090
Added@​changesets/​cli@​2.29.59710010095100
Added@​biomejs/​biome@​2.0.510010010099100

View full report

@Murderlon Murderlon merged commit 3c3034b into main Dec 5, 2025
13 checks passed
@Murderlon Murderlon deleted the dedupe-yarn branch December 5, 2025 09:22
Murderlon added a commit that referenced this pull request Dec 5, 2025
@Murderlon
Merge branch 'main' into playwright-upgrade
fa35f7b 
* main:
  Dedupe dependencies (#6085)
  [ci] release (#6087)
  build(deps): bump next from 15.5.2 to 15.5.7 (#6088)
  Introduce @uppy/image-generator (#6056)
Murderlon added a commit that referenced this pull request Dec 5, 2025
@Murderlon
Upgrade playwright in all packages (#6086)
943ed7a 
To resolve security advisories. Should be merged after #6085 

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Upgrades Playwright to 1.57.0 across examples and packages, updating
corresponding yarn.lock entries.
> 
> - **Dependencies**:
> - Bump `playwright` to `1.57.0` in `examples/react/package.json`,
`examples/sveltekit/package.json`, `examples/vue/package.json`,
`packages/@uppy/dashboard/package.json`, and
`packages/@uppy/url/package.json`.
> - Update `yarn.lock` to `[email protected]` and
`[email protected]`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
fa35f7b. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mifi mifi mifi approved these changes

@qxprakash qxprakash Awaiting requested review from qxprakash

Assignees

@Murderlon Murderlon

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Murderlon @mifi