Update deps 2025-02

[nygrenh]

Summary by CodeRabbit

• Chores
  • Upgraded various dependency and toolchain versions across projects to improve performance, security, and compatibility.
• Refactor
  • Streamlined randomization processes and enhanced OAuth client configuration for improved code clarity and reliability.
• Revert
  • Removed endpoints for retrieving page details, feedback, and editing proposals, adjusting related API interactions.

[coderabbitai]

Important

Review skipped

More than 25% of the files skipped due to max files limit. The review is being skipped to prevent a low-quality review.

150 files out of 257 files are above the max files limit of 100. Please upgrade to Pro plan to get higher limits.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This pull request introduces a new dependency update call in the update script and upgrades multiple dependency versions across various package.json and Cargo.toml files. It refactors several Rust modules by replacing deprecated random generator methods with new API calls, streamlines OAuth client instantiation with method chaining, simplifies control flows, and removes obsolete endpoints from API controllers. Additionally, the Rust toolchain version is updated, and minor improvements in error handling and macro implementations are introduced.

Changes

File(s)	Change Summary
bin/update-dependencies-part-1	Added call to update_node_deps "$RELATIVE_PATH/shared-module/packages/common" "shared-module/common" to update Node.js dependencies in the common package.
package.json, rust-toolchain.toml (root)	Upgraded various dependency and devDependency versions; updated Rust toolchain channel from "1.82" to "1.84".
services/{cms,course-material,example-exercise,main-frontend,quizzes,tmc}/package.json, shared-module/package.json, system-tests/package.json	Bumped dependency versions (e.g., React, ESLint, Next), updated overrides to use $react, and applied minor modifications in dependency management.
services/headless-lms/{certificates,chatbot,doc-macro,langs-api,models,server,utils}/Cargo.toml	Updated Cargo dependencies (e.g., uuid, serde_json, oauth2, rand, etc.) with version increments.
services/headless-lms/models/src/{exercise_slide_submissions.rs,library/peer_or_self_reviewing.rs,offered_answers_to_peer_review_temporary.rs}, services/headless-lms/utils/src/{file_store/mod.rs,strings.rs}, services/headless-lms/server/src/controllers/main_frontend/courses.rs, services/headless-lms/server/src/controllers/helpers/file_uploading.rs, and test helper macros in relevant files	Replaced rand::thread_rng() with rand::rng() and updated random string/number generation methods and corresponding import paths.
services/headless-lms/server/src/{config.rs,domain/authorization.rs,lib.rs,domain/models_requests.rs}	Refactored OAuth client instantiation to use method chaining; introduced static OAuth HTTP client; simplified lifetime annotations and updated the OAuthClient type alias.
services/headless-lms/server/src/controllers/{cms/pages.rs,course_material/courses.rs,main_frontend/pages.rs}	Removed obsolete endpoints and functions (get_page_info, feedback, propose_edit) and modified function visibility.
services/headless-lms/models/src/library/user_exercise_state_updater/state_deriver.rs, services/headless-lms/server/src/domain/csv_export/mod.rs	Streamlined control flow by simplifying mapping and return statements.
services/headless-lms/server/src/programs/doc_file_generator/mod.rs	Added new function controllers() to generate documentation for StudyRegistryCompletion.

Sequence Diagram(s)

sequenceDiagram
    participant C as Client
    participant B as ServerConfigBuilder
    participant OAuth as OAuthClient (BasicClient)
    
    C->>B: Call build()
    B->>OAuth: BasicClient::new(client_id)
    OAuth-->>B: Returns partially initialized client
    B->>OAuth: set_client_secret(secret)
    B->>OAuth: set_auth_uri(auth_url)
    B->>OAuth: set_token_uri(token_url)
    OAuth-->>B: Fully configured OAuthClient
    B-->>C: Return OAuthClient wrapped in Data

Loading

Possibly related PRs

• Update deps 2025-01 #1363: Involves updates to dependency versions (e.g., @types/node) similar to the added call for updating Node.js dependencies.

Suggested labels

dependencies, shared-module, main-frontend, course-material, quizzes, system-tests, headless-lms, cms, example-exercise, tmc, root

Poem

I’m a rabbit with code in my heart, 🐇
Hopping through updates, a joyful art.
Dependencies grow like carrots in sun, 🥕
New functions and fixes—our work is fun!
With every change, bugs scurry away,
In this tech garden, we leap and play.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@kubernetes/[email protected]	environment, network Transitive: filesystem, shell, unsafe	+70	47.7 MB	brendandburns
npm/@tanstack/[email protected] 🔁 npm/@tanstack/[email protected]	None	+1	2.68 MB	nksaraf, tannerlinsley
npm/@types/[email protected] 🔁 npm/@types/[email protected]	None	0	868 kB	types
npm/@types/[email protected] 🔁 npm/@types/[email protected]	None	0	20.6 kB	types
npm/@types/[email protected] 🔁 npm/@types/[email protected]	None	+1	2.05 MB	types
npm/@types/[email protected]	None	+2	2.35 MB	types
npm/@types/[email protected]	None	+2	2.38 MB	types
npm/[email protected] 🔁 npm/[email protected]	None	+5	302 kB	ljharb
npm/[email protected] 🔁 npm/[email protected]	None	+2	850 kB	adrai, jamuhl
npm/[email protected] 🔁 npm/[email protected]	None	+27	471 MB	rauchg, timneutkens, vercel-release-bot
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+77	17.6 MB	evilebottnawi
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, filesystem	+4	444 kB	hudochenkov
npm/[email protected] 🔁 npm/[email protected]	None	+1	84.2 kB
npm/[email protected] 🔁 npm/[email protected]	None	0	0 B
npm/[email protected]	None	+6	380 kB	sindresorhus
npm/[email protected]	shell	0	7.82 kB	wmhilton
npm/[email protected]	eval, shell	0	547 kB	josdejong

🚮 Removed packages: npm/@citation-js/[email protected], npm/@next/[email protected], npm/@tanstack/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

services/headless-lms/server/src/domain/authorization.rs (1)

954-990: Enhanced custom OAuth HTTP client.

The function properly sets custom headers and re-wraps responses into OAuth2-friendly data structures. One minor suggestion: you might capture and log the original parse errors and request-execution errors more verbosely to facilitate debugging.

services/headless-lms/server/src/programs/doc_file_generator/mod.rs (1)

307-307: Consider documenting the reason for using #[allow(non_local_definitions)].

The attribute suggests that the function contains definitions that could be moved to a more appropriate scope. Please add a comment explaining why this attribute is necessary.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 468d3e2 and 0c2a433.

⛔ Files ignored due to path filters (13)

• package-lock.json is excluded by !**/package-lock.json
• services/cms/package-lock.json is excluded by !**/package-lock.json
• services/course-material/package-lock.json is excluded by !**/package-lock.json
• services/example-exercise/package-lock.json is excluded by !**/package-lock.json
• services/headless-lms/Cargo.lock is excluded by !**/*.lock
• services/main-frontend/package-lock.json is excluded by !**/package-lock.json
• services/quizzes/package-lock.json is excluded by !**/package-lock.json
• services/tmc/package-lock.json is excluded by !**/package-lock.json
• shared-module/package-lock.json is excluded by !**/package-lock.json
• shared-module/packages/common/package-lock.json is excluded by !**/package-lock.json
• shared-module/packages/create-exercise-service/package-lock.json is excluded by !**/package-lock.json
• storybook/package-lock.json is excluded by !**/package-lock.json
• system-tests/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (38)

• bin/update-dependencies-part-1 (1 hunks)
• package.json (1 hunks)
• rust-toolchain.toml (1 hunks)
• services/cms/package.json (3 hunks)
• services/course-material/package.json (2 hunks)
• services/example-exercise/package.json (2 hunks)
• services/headless-lms/certificates/Cargo.toml (1 hunks)
• services/headless-lms/chatbot/Cargo.toml (2 hunks)
• services/headless-lms/doc-macro/Cargo.toml (1 hunks)
• services/headless-lms/langs-api/Cargo.toml (1 hunks)
• services/headless-lms/models/Cargo.toml (2 hunks)
• services/headless-lms/models/src/exercise_slide_submissions.rs (1 hunks)
• services/headless-lms/models/src/library/peer_or_self_reviewing.rs (2 hunks)
• services/headless-lms/models/src/library/user_exercise_state_updater/state_deriver.rs (1 hunks)
• services/headless-lms/models/src/offered_answers_to_peer_review_temporary.rs (1 hunks)
• services/headless-lms/models/src/test_helper.rs (3 hunks)
• services/headless-lms/server/Cargo.toml (5 hunks)
• services/headless-lms/server/src/config.rs (1 hunks)
• services/headless-lms/server/src/controllers/cms/pages.rs (0 hunks)
• services/headless-lms/server/src/controllers/course_material/courses.rs (0 hunks)
• services/headless-lms/server/src/controllers/helpers/file_uploading.rs (2 hunks)
• services/headless-lms/server/src/controllers/main_frontend/courses.rs (1 hunks)
• services/headless-lms/server/src/controllers/main_frontend/pages.rs (0 hunks)
• services/headless-lms/server/src/domain/authorization.rs (4 hunks)
• services/headless-lms/server/src/domain/csv_export/mod.rs (1 hunks)
• services/headless-lms/server/src/domain/models_requests.rs (1 hunks)
• services/headless-lms/server/src/lib.rs (1 hunks)
• services/headless-lms/server/src/programs/doc_file_generator/mod.rs (1 hunks)
• services/headless-lms/server/src/test_helper.rs (3 hunks)
• services/headless-lms/utils/Cargo.toml (2 hunks)
• services/headless-lms/utils/src/file_store/mod.rs (2 hunks)
• services/headless-lms/utils/src/strings.rs (2 hunks)
• services/main-frontend/package.json (3 hunks)
• services/quizzes/package.json (2 hunks)
• services/tmc/package.json (2 hunks)
• shared-module/package.json (1 hunks)
• shared-module/packages/common/package.json (1 hunks)
• system-tests/package.json (1 hunks)

💤 Files with no reviewable changes (3)

• services/headless-lms/server/src/controllers/cms/pages.rs
• services/headless-lms/server/src/controllers/main_frontend/pages.rs
• services/headless-lms/server/src/controllers/course_material/courses.rs

✅ Files skipped from review due to trivial changes (6)

• services/headless-lms/server/src/domain/csv_export/mod.rs
• rust-toolchain.toml
• services/headless-lms/chatbot/Cargo.toml
• services/headless-lms/certificates/Cargo.toml
• services/headless-lms/server/src/controllers/main_frontend/courses.rs
• shared-module/package.json

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: build-and-deploy
• GitHub Check: headless_lms

🔇 Additional comments (113)

services/headless-lms/server/src/domain/authorization.rs (4)

16-16: Import for custom HTTP client error looks good.

The introduction of HttpClientError aligns with the updated error handling strategy.

---

21-21: Use of Lazy for static initialization is acceptable.

Using Lazy ensures thread-safe, on-demand initialization for the static client.

---

35-42: Static HTTP client initialization is clear and consistent.

Defining a static OAUTH_HTTP_CLIENT offers a single, reusable instance of the client. Just confirm you’re okay with panicking on failure with .expect(...) rather than gracefully handling the error at runtime.

---

739-739: Correct usage of the async request function.

Passing the custom HTTP client function is properly updated to match the new signature.

services/headless-lms/utils/src/strings.rs (3)

2-2: Confirm the usage of rng() from the rand crate.

Ensure that rng() is stable and properly version-pinned in Cargo.toml.

---

11-11: Random string generator logic is consistent.

Using rng().sample_iter(Alphanumeric) is functionally equivalent to previous thread-based RNG calls for generating random alphanumeric strings.

---

19-19: Filtering characters is correct and user friendly.

Excluding visually similar characters should reduce confusion. Implementation looks solid.

bin/update-dependencies-part-1 (1)

58-58: Extending dependency updates to a new shared-module directory.

Adding a call to update_node_deps for shared-module/packages/common is consistent with the existing pattern in this script.

services/headless-lms/server/src/lib.rs (1)

31-31: LGTM! Enhanced type safety for OAuth client.

The updated type definition with explicit endpoint states (EndpointSet, EndpointNotSet) improves type safety by making the OAuth client configuration requirements more explicit at compile time.

Also applies to: 37-43

services/headless-lms/models/src/offered_answers_to_peer_review_temporary.rs (1)

14-14: Verify random number generation behavior.

The change from thread_rng().gen_range() to rng().random_range() might affect the cleanup trigger probability. Ensure that the new API maintains the same distribution characteristics.

Run this script to check the distribution of random numbers:

services/headless-lms/utils/src/file_store/mod.rs (1)

15-15: Verify random string generation behavior.

The change from distributions::DistString to distr::SampleString and the updated string generation API might affect the randomness characteristics of generated filenames.

Run this script to verify the random string generation:

Also applies to: 77-77

services/headless-lms/server/src/config.rs (1)

76-80: LGTM! Improved OAuth client configuration.

The changes enhance the code in two ways:

1. Method chaining improves readability by clearly separating each configuration step
2. Explicit type annotation adds clarity and type safety

services/headless-lms/models/src/test_helper.rs (1)

138-138: LGTM! Verify rand crate version compatibility.

The updates to use rand::rng() and rand::distr::Alphanumeric align with the latest rand crate API.

Run this script to verify the rand crate version:

Also applies to: 148-148, 158-158

✅ Verification successful

Rand Crate Version Compatibility Verified

• The rand dependency is set to "0.9.0" in all relevant Cargo.toml files.
• The usage of ::rand::rng() and ::rand::distr::Alphanumeric is compatible with the rand crate version 0.9.0.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check rand crate version in Cargo.toml files
# Expect: Version should be compatible with the new API (>= 0.9.0)

rg -l 'rand = "' | xargs cat

Length of output: 11837

services/headless-lms/server/src/test_helper.rs (1)

151-151: LGTM! Changes are consistent.

The random number generation updates match the changes in the models test helper, maintaining consistency across the codebase.

Also applies to: 161-161, 171-171

services/headless-lms/server/src/domain/models_requests.rs (1)

99-99: LGTM! Lifetime specification simplified.

The change to use an anonymous lifetime ('_) instead of an explicit lifetime parameter simplifies the code without affecting functionality.

services/headless-lms/server/src/controllers/helpers/file_uploading.rs (2)

18-19: LGTM! Import changes align with the updated rand crate module structure.

The imports have been updated to use the new distr module instead of distributions, which is the correct module path for the latest rand crate.

---

277-277: Verify the random string generation change.

The change from thread_rng() to rng() could affect the randomness source. While both methods are valid, let's verify that this change is consistent with other similar changes in the codebase.

✅ Verification successful

Random string generator usage is now consistent across the codebase.
The change from thread_rng() to rng() is uniformly applied, as verified by the absence of thread_rng() and the prevalent usage of rng() in multiple files.

• The file services/headless-lms/server/src/controllers/helpers/file_uploading.rs now uses rand::rng() correctly.
• Similar patterns using rng() were found across test helpers and other modules.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining uses of thread_rng() that might need updating
# and verify the consistency of random number generation across the codebase

echo "Checking for remaining thread_rng() usage..."
rg "thread_rng\(\)" 

echo "Checking for new rng() usage pattern..."
rg "rng\(\)"

Length of output: 1976

services/headless-lms/models/src/exercise_slide_submissions.rs (1)

294-294: LGTM! Random number generation update is consistent.

The change from thread_rng() to rng() aligns with similar updates across the codebase.

services/headless-lms/models/src/library/peer_or_self_reviewing.rs (2)

5-5: LGTM! Import update aligns with the new random number generation approach.

The import has been updated to use rng instead of thread_rng, maintaining consistency with other files.

---

581-581: LGTM! Random number generation update is consistent.

The change from thread_rng() to rng() follows the same pattern seen in other files.

services/headless-lms/models/src/library/user_exercise_state_updater/state_deriver.rs (1)

167-170: LGTM! Code flow has been simplified while maintaining functionality.

The control flow has been streamlined by removing the explicit return statement and using unwrap_or_else for cleaner fallback logic.

services/headless-lms/doc-macro/Cargo.toml (1)

12-13: Updated "syn" Dependency Version
The version for the syn dependency has been bumped to "2.0.98" with the existing feature set intact. This update is consistent with the other dependency updates across the project.

services/headless-lms/langs-api/Cargo.toml (3)

12-13: Updated "oauth2" Dependency Version
The oauth2 dependency is now set to "5.0.0". Please ensure that any breaking changes or migration notes from the upstream library have been reviewed and accommodated in the codebase.

---

16-17: Updated "serde_json" Dependency Version
The serde_json dependency has been updated to "1.0.138", aligning it with the version upgrades elsewhere in the project.

---

20-21: Updated "uuid" Dependency Version
The version for the uuid dependency is now "1.12.1" with the serde feature enabled. This change helps maintain consistency across the services.

services/example-exercise/package.json (6)

23-23: Updated "@tanstack/react-query" Version
The dependency @tanstack/react-query has been updated to "^5.66.0", which is in line with the overall dependency standardization across services.

---

29-29: Updated "i18next" Version
The i18next package version update to "^24.2.2" ensures consistency with dependency updates in other modules.

---

33-35: Updated "next", "react", and "react-dom" Versions
The updates to "next": "^15.1.6", "react": "^19.0.0", and "react-dom": "^19.0.0" support the latest features and performance improvements. Please verify that UI components and server-side functionality remain fully compatible.

---

49-52: Updated Type Definitions in DevDependencies
The upgrades for @types/lodash, @types/node, @types/react, and @types/react-dom improve TypeScript compatibility with the updated libraries.

---

55-56: Updated "postcss-styled-syntax" and "stylelint" Versions in DevDependencies
Minor version bumps for these tools ensure better integration and consistency with styling and linting processes across the project.

---

61-64: Updated Overrides for React Packages
Switching override values for react, react-dom, @types/react, and @types/react-dom to "$react" promotes flexible version resolution.

services/tmc/package.json (6)

24-25: Updated Dependencies: "@tanstack/react-query" and "@types/ws"
The dependency @tanstack/react-query is now "^5.66.0", and @types/ws has been updated to "^8.5.14". Make sure that any API or type changes introduced are accommodated accordingly.

---

33-33: Updated "i18next" Dependency Version
The upgrade to "^24.2.2" for i18next maintains consistency with other services and should streamline internationalization workflows.

---

37-39: Updated "next", "react", and "react-dom" Versions
Upgrading "next" to "^15.1.6" and both "react" and "react-dom" to "^19.0.0" enables the use of the latest features and optimizations. Ensure that the front-end renders and behaves as expected after these updates.

---

54-56: Updated DevDependency Type Definitions
The updates for @types/lodash, @types/react, and @types/react-dom improve type safety in development and should work harmoniously with the updated libraries.

---

60-60: Updated "postcss-styled-syntax" Version in DevDependencies
The upgrade to "^0.7.1" ensures that style preprocessing remains consistent with other parts of the project.

---

64-67: Updated Overrides for React Dependencies
Setting the overrides for react, react-dom, @types/react, and @types/react-dom to "$react" provides a more flexible dependency resolution mechanism.

package.json (5)

26-29: Updated ESLint and TypeScript Plugin Dependencies
The updates for @tanstack/eslint-plugin-query, @types/node, @typescript-eslint/eslint-plugin, and @typescript-eslint/parser to their newer versions bring enhanced linting and type-checking improvements.

---

31-33: Updated ESLint Core and Configurations
Upgrading eslint, eslint-config-next, and eslint-config-prettier to "^9.19.0", "^15.1.6", and "^10.0.1" respectively strengthens code quality enforcement and compatibility with the latest Next.js features.

---

35-41: Updated ESLint Plugins for i18next, Import, JSX-A11y, Playwright, and React
These updates enhance the linting rules for internationalization, module imports, accessibility, and React best practices, ensuring more robust code quality across the project.

---

43-45: Updated Linting and PostCSS Dependencies
The version bumps for lint-staged, postcss, and postcss-styled-syntax support improved development workflows and maintain consistency in style processing.

---

48-48: Updated "stylelint" Dependency
Upgrading stylelint to "^16.14.1" brings enhancements in CSS linting, aligning it with the updates in other similar services.

system-tests/package.json (2)

32-37: Updated DevDependency Versions for Playwright and Node Types.
The version bumps for @playwright/browser-chromium, @playwright/test, @types/node, and playwright align with the overall dependency upgrade objective. Please ensure that these new versions do not introduce breaking changes in your system tests.

---

44-44: Tar-fs Version Update in Dependencies.
The upgrade of tar-fs to ^3.0.8 is consistent with coordinated dependency updates and should be verified within integration tests.

services/quizzes/package.json (15)

24-24: Updated @next/bundle-analyzer Version.
The change to ^15.1.6 is in line with similar updates across the codebase for improved tool consistency.

---

26-26: Updated @tanstack/react-query Version.
The version bump to ^5.66.0 ensures consistency with updates in other services.

---

33-33: Updated dompurify Version.
The update to ^3.2.4 meets the goals of uniform dependency versions across modules.

---

36-36: Updated i18next Version.
Changing the version to ^24.2.2 standardizes the dependency upgrade across services.

---

38-38: Updated katex Version.
The upgrade to ^0.16.21 reflects the coordinated effort to keep dependencies current.

---

41-41: Updated Next.js Version.
Changing to ^15.1.6 is consistent with updates elsewhere. Verify that all Next.js–related logic is compatible with this version.

---

42-42: Updated PostCSS Version.
The bump to ^8.5.1 aligns with the broader dependency update strategy.

---

43-43: Updated React Version.
Upgrading React to ^19.0.0 is a substantial change; please verify the compatibility of all React components and the testing suite.

---

44-44: Updated React-DOM Version.
The upgrade to ^19.0.0 should be coordinated with the React update to ensure consistency in rendering behavior.

---

58-58: Updated @types/lodash in DevDependencies.
The upgrade to ^4.17.15 is consistent with other services and should improve type checking accuracy.

---

60-60: Updated @types/react in DevDependencies.
The change to ^19.0.0 supports the upgrade of React and its ecosystem.

---

61-61: Updated @types/react-dom in DevDependencies.
This update to ^19.0.0 mirrors the React upgrade and is critical for maintaining type integrity.

---

66-66: Updated postcss-styled-syntax in DevDependencies.
The new version ^0.7.1 meets our standardization goals across projects.

---

67-67: Updated stylelint Version in DevDependencies.
Changing to ^16.14.1 improves linting consistency across our services.

---

74-77: Unified Overrides for React Packages.
By setting react, react-dom, @types/react, and @types/react-dom to $react, the override promotes consistent version management.

services/main-frontend/package.json (16)

13-13: Updated @citation-js/plugin-bibtex Version.
The version upgrade to ^0.7.18 aligns with similar dependency updates in related services.

---

25-25: Updated @next/bundle-analyzer Version.
Maintaining consistency with other services, the update to ^15.1.6 is well justified.

---

27-27: Updated @tanstack/react-query Version.
The bump to ^5.66.0 is part of the coordinated effort to standardize dependency versions.

---

31-31: Updated citation-js Version.
Upgrading to ^0.7.18 ensures the package stays current and in sync with other module updates.

---

39-39: Updated i18next Version.
The new version ^24.2.2 is consistent with other updates across our services.

---

43-43: Updated Next.js Version.
Changing to ^15.1.6 reflects an overall upgrade strategy; please verify all Next.js–dependent functionality.

---

44-44: Added/Updated Papaparse Dependency.
The inclusion of papaparse at ^5.5.2 should be validated for compatibility across consumers of CSV parsing functionality.

---

45-45: Updated React Version.
The significant upgrade to ^19.0.0 must be thoroughly tested within the front-end environment for potential breaking changes.

---

46-46: Updated React-DOM Version.
Ensure that the upgrade to ^19.0.0 is comprehensively compatible with the React version and UI rendering tests.

---

59-59: Updated @types/diff in DevDependencies.
The minor update to ^7.0.1 improves type safety without major impact.

---

60-60: Updated @types/lodash in DevDependencies.
This change to ^4.17.15 is consistent with our overall type definition strategy.

---

61-61: Updated @types/node in DevDependencies.
Bumping to ^22.13.0 ensures improved type definitions in line with the latest Node versions.

---

63-63: Updated @types/react in DevDependencies.
The update to ^19.0.0 is necessary to match the React upgrade and maintain coherent type definitions.

---

64-64: Updated @types/react-dom in DevDependencies.
This version bump to ^19.0.0 supports the React ecosystem update.

---

68-68: Updated stylelint in DevDependencies.
The new version ^16.14.1 further aligns our linting tools across projects.

---

73-76: Unified Overrides for React Packages.
Switching to the $react variable for react, react-dom, @types/react, and @types/react-dom enforces consistency and easier version management.

services/course-material/package.json (17)

24-24: Updated @tanstack/react-query Version.
The version update to ^5.66.0 ensures consistency with the global dependency upgrade initiative.

---

27-27: Updated citation-js Version.
Bumping to ^0.7.18 aligns with similar changes across related services.

---

31-31: Updated dompurify Version.
The update to ^3.2.4 is consistent with our coordinated update strategy.

---

35-35: Updated i18next Version.
Changing to ^24.2.2 reflects the overall synchronization of dependency versions across services.

---

37-37: Updated katex Version.
Upgrading to ^0.16.21 is part of the standardized updates and should be verified with the rendering components.

---

40-40: Updated Next.js Version.
The bump to ^15.1.6 is consistent with the dependency management strategy across projects.

---

41-41: Updated React Version.
The upgrade to ^19.0.0 necessitates careful testing with course content components to ensure full compatibility.

---

42-42: Updated React-DOM Version.
This change to ^19.0.0 should be paired with comprehensive UI testing to catch any possible regressions.

---

52-52: Updated tsparticles Version.
The update to ^3.8.1 meets the planned dependency version changes and should be verified with particle rendering features.

---

60-60: Updated @types/diff in DevDependencies.
The upgrade to ^7.0.1 is straightforward and aligns with other services’ updates.

---

64-64: Updated @types/lodash in DevDependencies.
The new version ^4.17.15 is consistent with the unified upgrade strategy.

---

65-65: Updated @types/node in DevDependencies.
Bumping to ^22.13.0 maintains consistency among our Node type definitions.

---

66-66: Updated @types/react in DevDependencies.
The update to ^19.0.0 supports the React upgrade in dependencies.

---

67-67: Updated @types/react-dom in DevDependencies.
This change to ^19.0.0 provides necessary support for the updated React-DOM library.

---

72-72: Updated postcss-styled-syntax in DevDependencies.
Upgrading to ^0.7.1 is standard across our services and helps maintain consistency in styles linting.

---

73-73: Updated stylelint in DevDependencies.
The upgrade to ^16.14.1 matches the coordinated updates seen in similar projects.

---

79-82: Unified Overrides for React Packages.
Using the $react variable for react, react-dom, @types/react, and @types/react-dom is an excellent step for consistent versioning.

services/headless-lms/models/Cargo.toml (3)

24-24: Updated uuid Crate Version.
The change to version "1.12.1" with the specified features ensures alignment with similar updates in other headless-lms packages.

---

30-30: Updated serde_json Crate Version.
Bumping to "1.0.138" is consistent with our dependency upgrade plans and should enhance serialization performance.

---

56-56: Updated rand Crate Version.
The update to "0.9.0" reflects upstream improvements and keeps the randomness functionality up to date across the headless-lms project.

shared-module/packages/common/package.json (3)

12-62: Dependency Version Updates in "dependencies" Section
The dependencies have been updated to newer versions for a variety of packages (e.g., @citation-js/plugin-bibtex, @emotion/*, various Fontsource and FontAwesome packages, etc.). One point to note is the usage of React version "^19.0.0" here, which differs from some other parts of the project. Please verify that this discrepancy is intentional and that it won’t lead to compatibility issues across the workspace.

---

65-84: DevDependencies Version Updates
The devDependencies have been uniformly upgraded (including updates for @testing-library/react, several @types/* packages, msw, postcss-styled-syntax, stylelint, and typescript). Ensure that these updates do not break existing tests or type checking and that any custom configurations in your build/test pipeline remain compatible.

---

87-90: Overrides Section Updates
The overrides now force react, react-dom, and their type packages to the workspace variable $react. Confirm that this strategy correctly centralizes the React version across all packages to prevent version mismatches.

services/cms/package.json (2)

15-62: Dependency Version Updates in CMS
This file shows significant dependency updates including:

• Upgrading @tanstack/react-query to "^5.66.0".
• Updating multiple @wordpress/* packages (e.g., @wordpress/base-styles, @wordpress/block-editor, etc.) to newer versions.
• Bumping katex to "^0.16.21" and next to "^15.1.6".

One notable point is that React is specified as "^18.3.1" here, in contrast to "^19.0.0" in the common package. Please verify that this difference is intentional and that the override mechanism (if any) will reconcile these versions across the codebase.

---

64-88: DevDependencies and Overrides Consistency
The devDependencies have been upgraded (e.g., @types/node, @wordpress/scripts, json-schema-to-typescript, etc.) and the overrides section now enforces React-related packages using $react. Ensure that these settings are consistent with the overall project configuration and that automated builds and tests continue to pass after these updates.

services/headless-lms/utils/Cargo.toml (5)

22-23: Update UUID Dependency
The uuid dependency has been updated to version "1.12.1" with features [\"serde\", \"v4\", \"v5\"]. This change aligns with updates in other Cargo.toml files, so please confirm that UUID generation and serialization behaviors are as expected.

---

28-29: Update serde_json Dependency
serde_json is now at version "1.0.138". Verify that any JSON serialization or deserialization logic in the project works correctly with this version and that there are no breaking changes in the API.

---

34-35: Update async-trait
The async-trait dependency has been updated to "0.1.86". Please double-check that all async trait implementations still compile and function properly with this upgrade.

---

38-39: Update rand Dependency
The rand dependency is upgraded from "0.8.5" to "0.9.0". Since rand can introduce API changes, ensure that any logic relying on random number generation has been tested against the new version.

---

69-70: Update ipnet Dependency
The ipnet dependency has been bumped to version "2.11.0". Confirm that all code utilizing IP network address parsing or validation continues to work as intended.

services/headless-lms/server/Cargo.toml (7)

39-39: Update listenfd Dependency Version
The listenfd dependency has been updated to "1.0.2". This is a minor update that should improve compatibility with socket activation mechanisms, so this change looks appropriate.

---

45-45: Update UUID Dependency in Server
The uuid dependency here is updated to "1.12.1" with the appropriate features. Confirm that this update is harmonized with the changes in related packages.

---

50-51: Update serde_json Dependency
serde_json has been bumped to "1.0.138". Please verify that all JSON handling in the server component continues to function correctly with this version change.

---

109-109: Update tempfile Dependency
The tempfile dependency is now "3.16.0". Please check that any temporary file operations are unaffected and that no API changes have been introduced that require code updates.

---

115-115: Update rand Dependency
rand is updated to "0.9.0". Similar to other occurrences, ensure that use cases involving randomness conform to the new API and that no unexpected behavior occurs.

---

127-127: Update async-trait Dependency in Server
The async-trait dependency has been updated to "0.1.86" here as well. Make sure that asynchronous trait implementations throughout the server continue to compile and run as expected.

---

139-139: DevDependency: Update rand
The dev-dependency for rand has also been updated to "0.9.0", ensuring consistency between development and production builds.

services/headless-lms/server/src/programs/doc_file_generator/mod.rs (1)

308-323: LGTM! The documentation generation for StudyRegistryCompletion is well-structured.

The function provides a comprehensive example of the StudyRegistryCompletion struct with realistic values, which is valuable for API documentation.

A few observations:

• The example includes both required and optional fields (tier and completion_registration_attempt_date are None).
• The user_id field uses the Example trait implementation.
• The date values and UUIDs are fixed, making the documentation reproducible.

Let's verify that all fields in the example match the actual struct definition:

✅ Verification successful

Field Consistency Verification for StudyRegistryCompletion is confirmed.
All fields in the example (including types and order) match the struct definition in services/headless-lms/models/src/course_module_completions.rs:

• completion_date: Uses a proper DateTime<Utc> value.
• completion_language: Provided as a valid String.
• completion_registration_attempt_date: Correctly shown as None, matching Option<DateTime<Utc>>.
• email: Matches the String type.
• grade: Instantiated properly via StudyRegistryGrade::new.
• id: Parsed to a Uuid as expected.
• user_id: Passed as a field (assumed to be a valid Uuid per the context).
• tier: Appropriately set to None, conforming to Option<i32>.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that all fields in the example match the struct definition.

# Test: Search for the StudyRegistryCompletion struct definition
ast-grep --pattern $'struct StudyRegistryCompletion {
  $$$
}'

Length of output: 63

---

Script:

#!/bin/bash
# Use ripgrep to locate the definition of StudyRegistryCompletion with context of its fields.
rg "struct StudyRegistryCompletion" -n .

Length of output: 147

---

Script:

#!/bin/bash
# Extract the full definition of StudyRegistryCompletion from the models file.
sed -n '/pub struct StudyRegistryCompletion {/,/}/p' ./services/headless-lms/models/src/course_module_completions.rs

Length of output: 1690

[coderabbitai]

⚠️ Potential issue

Major Upgrade for oauth2 Dependency
The oauth2 dependency has been upgraded from "4.4.2" to "5.0.0". This major version change likely introduces breaking changes. It is critical to review and test all OAuth client instantiation and related flows thoroughly.