chore(dependencies): Update dependencies and remove unUsed package #9247
Conversation
📝 WalkthroughWalkthrough更新 Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant Dev as 开发者
participant Bootstrap as scripts/bootstrap.mjs
participant Package as package.json
participant Build as 构建/安装流程
participant Breadcrumb as getBreadcrumbProps.tsx
Note over Bootstrap,Package: 模板调整:移除 "ie >= 11" browserslist
Bootstrap->>Package: 生成/写入 package.json(不含 ie >= 11)
Dev->>Build: 执行安装/构建(依赖减少/升级)
Build->>Package: 解析/应用新的依赖清单
Dev->>Breadcrumb: 提供 location(仍可使用 window.location)
Breadcrumb->>Breadcrumb: 使用全局 Location 类型进行类型检查
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Pre-merge checks (3 passed)✅ Passed checks (3 passed)
Poem
✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
dosubot
bot
added
the
size:M
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @zzjiaxiang, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
本次拉取请求主要聚焦于项目依赖的优化和更新。通过移除对旧版 IE 浏览器的支持,并清理了大量未使用的第三方库,显著减少了项目的依赖体积。同时,对现有依赖进行了版本升级,确保了项目的健康和现代化。这些改动有助于提升项目的维护性、构建效率和整体性能。
Highlights
- 移除对 IE 11 的支持: 由于 antd5 不再支持 IE,项目也相应移除了对 IE 11 的兼容性支持,包括 package.json 和 scripts/bootstrap.mjs 中的 browserslist 配置。
- 清理未使用的依赖: 移除了大量在 package.json 中声明但实际代码中未引入或使用的包,例如 @emotion/cache、rc-footer、react-layout-kit 等,以精简项目依赖并减少构建体积。
- 优化 Babel 和 TypeScript 配置: 移除了重复的 Babel 插件 (@babel/plugin-proposal-object-rest-spread,因其已包含在 @babel/preset-env 中) 和不再需要的类型定义包 (@types/history, @types/lodash),提升了配置的简洁性。
- 依赖版本升级: 更新了多个核心和开发依赖到最新版本,包括 @babel/runtime、dayjs、antd、typescript 等,以获取性能改进、新特性和安全修复。
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (3)
scripts/bootstrap.mjs (2)
1-1: 缺少 readFileSync 导入会在运行期抛出 ReferenceError下方第 56 行调用了
readFileSync,但此处未导入。应用如下补丁:
-import { existsSync, writeFileSync, readdirSync } from 'fs'; +import { existsSync, writeFileSync, readdirSync, readFileSync } from 'fs';
55-73: json 变量在 else 分支未初始化,后续写 README 时会崩溃当
pkgJSONExists && !args.force时,json为undefined,第 87 行会访问json.description导致异常。同时当前分支尝试把pkg的字段拷到json也会抛 “Cannot set properties of undefined”。建议确保
json在两个分支均被赋值。最小修复如下:- } else if (pkgJSONExists) { - const pkg = JSON.parse(readFileSync(pkgJSONPath, 'utf-8')); - [ - 'dependencies', - 'devDependencies', - 'peerDependencies', - 'bin', - 'version', - 'files', - 'authors', - 'types', - 'sideEffects', - 'main', - 'module', - 'description', - ].forEach((key) => { - if (pkg[key]) json[key] = pkg[key]; - }); - } + } else { + json = JSON.parse(readFileSync(pkgJSONPath, 'utf-8')); + }如需保留“生成默认模板并合并已有字段”的逻辑,请告知,我可以给出更健壮的合并与写回实现。
src/layout/utils/getBreadcrumbProps.tsx (1)
47-50: 替换<span onClick>为语义化<a>并在末级项添加aria-current="page"提升可访问性与 SSR 安全
<span>无点击语义、不可键盘操作且 SSR 渲染时location未定义;- 使用
<a href>可保留 SPA 导航能力、支持中键/右键新标签打开,并天然具备可访问性。- return last ? ( - <span>{title || breadcrumbName}</span> - ) : ( - <span onClick={path ? () => (location.href = path) : undefined}> - {title || breadcrumbName} - </span> - ); + return last ? ( + <span aria-current="page">{title || breadcrumbName}</span> + ) : path ? ( + <a href={path}>{title || breadcrumbName}</a> + ) : ( + <span>{title || breadcrumbName}</span> + );
🧹 Nitpick comments (3)
src/layout/utils/getBreadcrumbProps.tsx (2)
73-81: 匹配路由时仅移除首个问号,建议更稳妥地去除查询串
path.replace('?', '')只会替换首个?。考虑到健壮性,建议按?分割或使用正则去除查询部分。- return match(path.replace('?', ''))(url); + const cleaned = path.split('?')[0]; + return match(cleaned)(url);
124-124: filter 返回值应明确为布尔值
filter((item) => item && item.linkPath)依赖字符串真值。为可读性与类型工具友好,建议显式布尔化。- .filter((item) => item && item.linkPath); + .filter((item) => Boolean(item?.linkPath));package.json (1)
63-67: 使用 pnpm 时,优先考虑 overrides 而非 resolutions当前仍保留
resolutions字段。pnpm 官方推荐在pnpm.overrides(或根级overrides)中声明覆盖,以确保生效范围与可维护性。- "resolutions": { - "@types/react": "^18.0.38", - "@types/react-dom": "^18.0.11", - "@types/responselike": "^1.0.0" - }, + "pnpm": { + "overrides": { + "@types/react": "^18.0.38", + "@types/react-dom": "^18.0.11", + "@types/responselike": "^1.0.0" + } + },
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (3)
package.json(3 hunks)scripts/bootstrap.mjs(1 hunks)src/layout/utils/getBreadcrumbProps.tsx(1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
**/*.{tsx,jsx}
📄 CodeRabbit inference engine (.cursor/rules/react.mdc)
**/*.{tsx,jsx}: Use early returns whenever possible to make the code more readable.
Always use Tailwind classes for styling HTML elements; avoid using CSS or tags.
Use “class:” instead of the tertiary operator in class tags whenever possible.
Use descriptive variable and function/const names. Also, event functions should be named with a “handle” prefix, like “handleClick” for onClick and “handleKeyDown” for onKeyDown.
Implement accessibility features on elements. For example, a tag should have a tabindex=“0”, aria-label, on:click, and on:keydown, and similar attributes.
Use consts instead of functions, for example, “const toggle = () =>”. Also, define a type if possible.
Files:
src/layout/utils/getBreadcrumbProps.tsx
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Socket Security: Pull Request Alerts
🔇 Additional comments (2)
src/layout/utils/getBreadcrumbProps.tsx (1)
16-17: 确认:已移除history类型引用,TS 默认包含lib.dom
rg 搜索未发现import type H from 'history'或H.Location引用;tsconfig.json未声明lib时会默认包含dom,无需额外提示或修改类型。package.json (1)
71-93: 关注依赖升级的破坏性变更与 peerDependencies 对齐
- Babel、TypeScript、ESLint、antd、swr、rc-table 等版本跃迁较大,需验证 CI、类型检查和按需构建流程是否正常;antd 在 peerDependencies 定义为 ^5.11.2,但 devDependencies 已升至 ^5.27.1,需在文档中注明已在 5.27.x 环境下验证兼容性。
- 本地执行以下命令以降低回归风险:
pnpm tsc --noEmit pnpm dedupe pnpm test && pnpm build
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (1)
package.json (1)
58-62: 移除 IE 支持已到位,请同步检查工具链与文档一致性browserslist 已去掉 IE 条目,方向正确;请确认构建配置(vite/dumi/father/CI)无遗留的 legacy 配置,并在 README/CHANGELOG 明确最低浏览器支持范围。
可执行脚本(只读核验残留引用):
#!/usr/bin/env bash set -euo pipefail # 1) 搜索 IE/legacy 相关残留 rg -n -C2 -I -g '!node_modules/**' -e '\bie\s*>=\s*11\b|@vitejs/plugin-legacy|legacy\s*\(|browserslist|targets\s*:\s*[{[].*ie\b' . # 2) 同步检查是否存在额外 .browserslistrc / browserslist 配置 fd -H -a -I -t f -g '.browserslistrc' . rg -n -I -g '!node_modules/**' -e '"browserslist"\s*:' package.json **/package.json
🧹 Nitpick comments (1)
package.json (1)
95-98: 对齐所有 @babel 补丁版本
通过脚本查看可知,@babel/core、@babel/parser、@babel/preset-env都在7.28.3,但@babel/traverse为7.28.4,可能导致 pnpm 安装重复命名空间或插件解析差异。建议将三者统一升级到7.28.4:- "@babel/core": "^7.28.3", - "@babel/parser": "^7.28.3", - "@babel/preset-env": "^7.28.3", + "@babel/core": "^7.28.4", + "@babel/parser": "^7.28.4", + "@babel/preset-env": "^7.28.4",
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (1)
package.json(3 hunks)
🔇 Additional comments (3)
package.json (3)
176-176: yorkie 版本与 gitHooks 配置匹配,LGTMyorkie@^2 已可满足当前 gitHooks(pre-commit/commit-msg)使用场景,无需额外调整。
68-93: 请在仓库范围内验证已移除依赖的残留引用
- 本次 PR 已大规模移除多项依赖(如
@emotion/cache、rc-footer、react-syntax-highlighter、query-string等),需确认代码中无遗留的import或require,以避免运行时/打包错误- 上次运行的扫描脚本因过滤规则问题未实际扫描任何文件,请在项目根目录重新执行或调整命令(如去掉不必要的
-g过滤、添加--debug观察被忽略的文件),或手动全局搜索上述包名进行确认
133-173: 升级或移除顶层 esbuild 以满足 Vite 6 的兼容要求
devDependencies 中的 esbuild@^0.15.18 低于 Vite 6.x 系列对 esbuild 的最低兼容版本 (^0.24.0),可能导致构建失败或二进制下载不匹配。建议将顶层 esbuild 升级至兼容范围,或直接移除顶层依赖,让 Vite 自带版本接管。若确认需要升级,可考虑:
- "esbuild": "^0.15.18", + "esbuild": "^0.24.0"
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (1)
package.json(3 hunks)
🔇 Additional comments (2)
package.json (2)
58-62: 移除 IE 支持与 browserslist 同步:LGTM与 antd5 的支持范围一致,配置精简合理。建议在 CHANGELOG/README 补充“最低浏览器支持范围已移除 IE”的说明,避免使用方产生预期偏差。
88-88: 更新验证脚本并手动检查 rc-table 7.53.0 升级影响#!/usr/bin/env bash set -euo pipefail echo "== 确认依赖树中 rc-table 版本 ==" pnpm why rc-table echo "== 运行所有单元测试 ==" pnpm recursive test echo "== 与易变 API 相关的用法速检 ==" rg -n -C2 \ -e '\bexpandable\b|\bexpandIconColumnIndex\b|\bonHeaderRow\b|\bonRow\b|\bsummary\b|\bcomponents\s*:' \ -g '*.ts' -g '*.tsx' -g '!node_modules/**' .请在项目根目录执行以上脚本并确认:
- 仅存在 ^7.53.0 一种版本;
- 所有单测通过且无用例失败;
- 固定列、可展开行、虚拟滚动、summary 行和自定义 components 行为未发生异常。
| "xhr-mock": "^2.5.1", | ||
| "yorkie": "^2.0.0", | ||
| "zustand": "^4.5.7" | ||
| "yorkie": "^2.0.0" |
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
yorkie 升级到 ^2.0.0:确认 git hooks 安装流程仍然有效
请确认团队环境中 hooks 会被自动安装;若无额外安装步骤,建议在 scripts 增加一次性的安装钩子,或在贡献指南注明首次安装命令。
- 方案 A(推荐):在 package.json 的 scripts 中新增
{
"scripts": {
"prepare": "yorkie install"
}
}- 自检脚本(本地执行,确认钩子已落盘):
🏁 Script executed:
#!/usr/bin/env bash
set -euo pipefail
test -f .git/hooks/pre-commit && sed -n '1,5p' .git/hooks/pre-commit || echo "pre-commit hook 未安装"Length of output: 19
确保 Git Hooks 自动安装
验证升级至 ^2.0.0 后,执行验证脚本发现 .git/hooks/pre-commit 未安装;请在 package.json 的 scripts 中新增:
// package.json
{
"scripts": {
"prepare": "yorkie install"
}
}🤖 Prompt for AI Agents
package.json lines 176–176: 验证发现升级 yorkie 到 ^2.0.0 后没有自动安装 Git hooks;请在
package.json 的 scripts 节点中新增 prepare 脚本来调用 yorkie install,确保如果已有 prepare
脚本则将其合并或串联(例如用 &&),保存后执行 npm/yarn install 或 npm run prepare 来验证
.git/hooks/pre-commit 已被正确安装。
…ecated entries from pnpm-lock.yaml
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (2)
package.json (2)
58-62: 移除 IE 支持已对齐,但建议完善 browserslist 与文档同步
- browserslist 去掉 IE 符合 antd v5 的方向;为避免打到“已停止维护”的目标,建议追加一条排除规则,如:
"not dead"(可选)。- 请在 README/CHANGELOG 明确最低浏览器支持矩阵,保持仓库与 npm 包说明一致。
- 同步确认构建链(dumi/vite/Autoprefixer/Babel preset-env)均只读取这一处 browserslist,避免多处配置不一致。
可以本地跑以下只读脚本排查是否存在其它 browserslist 声明或对 IE 的残留引用:
#!/usr/bin/env bash rg -nCI3 -g '!node_modules/**' -e '"browserslist"\s*:|\bie\s*>=\s*11\b|IE\s*11|Internet\s*Explorer' .
176-176: yorkie 升级到 ^2:补充 prepare 脚本以确保 Git hooks 自动安装yorkie v2 不再在安装时自动写入 .git/hooks;当前已存在 "gitHooks" 配置,但缺少 prepare。否则新克隆仓库的同学可能拿不到 pre-commit/commit-msg。
建议在 scripts 增加:
"scripts": { + "prepare": "yorkie install", "bootstrap": "node ./scripts/bootstrap.mjs",可本地用下述只读脚本确认是否已正确安装:
#!/usr/bin/env bash test -f .git/hooks/pre-commit && sed -n '1,5p' .git/hooks/pre-commit || echo "pre-commit hook 未安装"
🧹 Nitpick comments (1)
package.json (1)
133-133: 添加 engines 并验证构建链兼容性
- package.json 中新增 engines,声明 Node.js ≥18.0.0
- father@4 与 dumi@2 未对 esbuild 0.25.9 提供显式兼容声明,建议检查 lockfile 中的实际 esbuild 版本并在 CI/本地运行构建测试
"packageManager": "[email protected]", + "engines": { + "node": ">=18.0.0" + },
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (1)
package.json(4 hunks)
🔇 Additional comments (1)
package.json (1)
88-88: 移除未使用的 rc-table 依赖
项目中未检测到对rc-table的任何直接引用,也未在锁文件中发现多版本条目;若确无实际使用,请删除该依赖;如通过其他方式使用,请确认引用并补充相关用例。Likely an incorrect or invalid review comment.
1 participant
antd5不再支持 IE, 所以这里也移除了对 IE 的支持发现以下包安装了但是没有引入使用所以进行了移除
@emotion/cache,@emotion/serialize,rc-footer,react-layout-kit,react-lazy-load,react-syntax-highlighter,shiki-es,@ant-design/antd-theme-variable,@octokit/rest,@testing-library/react-hooks,animated-scroll-to,chalk,copy-to-clipboard,fast-deep-equal,identity-obj-proxy,nprogress,polished,query-string,slash2,zustand,@vitejs/plugin-legacy@babel/plugin-proposal-object-rest-spread已经被包含在@babel/preset-env中,所以移除.@types/history,这个包不用安装了.@types/lodash,使用的是lodash-es所以移除.升级部分依赖
Summary by CodeRabbit