Skip to content

Update dependencies (security warnings), finish migration away from bits-ui/shadcn-svelte, and various cleanups #685

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Apr 25, 2025
Merged

Update dependencies (security warnings), finish migration away from bits-ui/shadcn-svelte, and various cleanups #685

merged 8 commits into from
Apr 25, 2025

Conversation

sean-zlai
Copy link
Contributor

@sean-zlai sean-zlai commented Apr 24, 2025
edited
Loading

Summary

Resolves ZIP-687 and ZIP-421

  • Resolves dependabot alerts and snyk (all local/dev only)
  • Finish migration from shadcn-svelte / bits-ui to Svelte UX components
  • Remove unused dependencies
    • @sveltejs/adapter-auto
    • @sveltejs/adapter-static
    • svelte-intersection-observer
    • cmdk-sv
    • svelte-radix
    • dotenv
    • internationalized/date
    • tailwind-variants
    • bits-ui
  • Cleanup some tailwind/css variables
  • Various cleanups
Before After
image image

Checklist

  • Added Unit Tests
  • Covered by existing CI
  • Integration tested
  • Documentation update

@linear Linear
Copy link

linear bot commented Apr 24, 2025

ZIP-687 Bump all dependencies / resolve security alerts

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Apr 24, 2025
edited
Loading

Walkthrough

This set of changes migrates the frontend codebase from custom/local UI button and separator components to those provided by the external svelte-ux package. It removes the local implementations and updates all usages and imports accordingly. Several dependencies are upgraded or removed in package.json, and Svelte adapters are switched. Styling customizations for navigation items are introduced via the settings function. The SplitView component is deleted, and a new Separator component is added. Various files are refactored to use the new UI components and updated class names.

Changes

Files/Paths Change Summary
frontend/package.json Upgraded multiple dependencies; removed unused packages; switched Svelte adapters.
frontend/src/app.css Removed several CSS variables for colors and border radius.
frontend/src/lib/components/NavigationMenu.svelte,
PageHeader.svelte,
ResetZoomButton.svelte,
SortButton.svelte,
charts/TransformControls.svelte,
overview/+page.svelte,
[name]/online/observability/drift/+page.svelte		 Replaced local Button imports/usages with svelte-ux Button; updated styling and props.
frontend/src/lib/components/Separator.svelte New customizable Separator component added.
frontend/src/lib/components/SplitView.svelte Deleted SplitView component.
frontend/src/lib/components/ui/button/button.svelte,
ui/button/index.ts,
ui/separator/index.ts,
ui/separator/separator.svelte		 Deleted local Button and Separator implementations and re-exports.
frontend/src/routes/+layout.svelte Customized NavItem styling via settings from svelte-ux.
frontend/src/routes/[conf]/+page.svelte,
[conf]/[name]/offline/+layout.svelte,
[conf]/[name]/offline/data/+layout.svelte,
[conf]/[name]/online/+layout.svelte		 Changed Separator import paths to new component location.

Sequence Diagram(s)

sequenceDiagram
    participant App
    participant svelte-ux
    participant LocalUI

    App->>svelte-ux: Import Button, Separator, NavItem
    App--xLocalUI: Remove usage of local Button/Separator
    App->>svelte-ux: Use external components in UI
    App->>App: Apply custom styles via settings()
Loading

Possibly related PRs

  • #150: Also updates dependency versions in frontend/package.json.
  • #440: Upgrades svelte-ux and related packages, similar to this PR's UI component migration.
  • #522: Switches from bits-ui/shadcn-svelte to svelte-ux components, closely related to this migration.

Suggested reviewers

  • nikhil-zlai

Poem

Out with the old, in with the new,
Buttons and lines get a sleek debut!
Svelte-ux shines, local bits retire,
Imports are lighter, the UI’s on fire.
With code now clean and styles refined,
The frontend’s future is well-aligned!

Warning

Review ran into problems

🔥 Problems

GitHub Actions and Pipeline Checks: Resource not accessible by integration - https://docs.github.com/rest/actions/workflow-runs#list-workflow-runs-for-a-repository.

Please grant the required permissions to the CodeRabbit GitHub App under the organization or repository settings.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Apr 24, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
frontend/src/lib/components/SortButton.svelte (1)

27-30: Simplified Button implementation.

Props spreading works correctly. Consider consistent styling approach with other components that use explicit classes.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between 5e1f5b3 and 06eb7cb.

⛔ Files ignored due to path filters (1)
  • frontend/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (20)
  • frontend/package.json (2 hunks)
  • frontend/src/app.css (0 hunks)
  • frontend/src/lib/components/NavigationMenu.svelte (3 hunks)
  • frontend/src/lib/components/PageHeader.svelte (2 hunks)
  • frontend/src/lib/components/ResetZoomButton.svelte (1 hunks)
  • frontend/src/lib/components/Separator.svelte (1 hunks)
  • frontend/src/lib/components/SortButton.svelte (3 hunks)
  • frontend/src/lib/components/SplitView.svelte (0 hunks)
  • frontend/src/lib/components/charts/TransformControls.svelte (2 hunks)
  • frontend/src/lib/components/ui/button/button.svelte (0 hunks)
  • frontend/src/lib/components/ui/button/index.ts (0 hunks)
  • frontend/src/lib/components/ui/separator/index.ts (0 hunks)
  • frontend/src/lib/components/ui/separator/separator.svelte (0 hunks)
  • frontend/src/routes/+layout.svelte (2 hunks)
  • frontend/src/routes/[conf]/+page.svelte (1 hunks)
  • frontend/src/routes/[conf]/[name]/offline/+layout.svelte (1 hunks)
  • frontend/src/routes/[conf]/[name]/offline/data/+layout.svelte (1 hunks)
  • frontend/src/routes/[conf]/[name]/online/+layout.svelte (1 hunks)
  • frontend/src/routes/[conf]/[name]/online/observability/drift/+page.svelte (2 hunks)
  • frontend/src/routes/[conf]/[name]/overview/+page.svelte (3 hunks)
💤 Files with no reviewable changes (6)
  • frontend/src/lib/components/ui/separator/separator.svelte
  • frontend/src/lib/components/ui/separator/index.ts
  • frontend/src/app.css
  • frontend/src/lib/components/ui/button/button.svelte
  • frontend/src/lib/components/SplitView.svelte
  • frontend/src/lib/components/ui/button/index.ts
🔇 Additional comments (39)
frontend/src/routes/[conf]/+page.svelte (1)

11-11: LGTM - updated import path

Import path updated to use standalone Separator component.

frontend/src/routes/[conf]/[name]/offline/data/+layout.svelte (1)

11-11: LGTM - updated import path

Import path updated to use standalone Separator component.

frontend/src/routes/[conf]/[name]/online/+layout.svelte (1)

6-6: LGTM - updated import path

Import path updated to use standalone Separator component.

frontend/src/routes/[conf]/[name]/offline/+layout.svelte (1)

6-6: LGTM - updated import path

Import path updated to use standalone Separator component.

frontend/src/lib/components/charts/TransformControls.svelte (2)

4-4: LGTM - simplified import

Changed from local UI button to svelte-ux package.

68-68: LGTM - simplified Button API

Using iconOnly prop instead of multiple props for styling.

Also applies to: 76-77, 84-85

frontend/src/lib/components/PageHeader.svelte (2)

3-3: Migrated to svelte-ux Button.

Importing from external package instead of local implementation.

18-25: Button styling updated with explicit Tailwind classes.

Removed variant props in favor of direct utility classes for consistent styling approach.

frontend/src/routes/[conf]/[name]/online/observability/drift/+page.svelte (2)

3-3: Simplified imports from svelte-ux.

Consolidated Button and Drawer imports from external package.

390-393: Ghost variant replaced with direct Tailwind classes.

Removed variant prop, keeping consistent with new styling approach.

frontend/src/routes/[conf]/[name]/overview/+page.svelte (4)

20-20: Consolidated UI component imports.

Using svelte-ux components consistently across the application.

40-40: Simplified Separator import path.

Direct import from component file instead of index.

474-478: Variant prop replaced with explicit styling.

Direct Tailwind classes used for consistent styling approach.

482-485: Simplified close button styling.

Removed ghost variant in favor of direct class application.

frontend/src/routes/+layout.svelte (2)

4-4: Added utility for class composition.

Imported cls helper for clean class concatenation in settings.

20-36: Centralized NavItem styling configuration.

Implemented global styling for svelte-ux NavItem components via settings to ensure consistent appearance across the application.

frontend/src/lib/components/ResetZoomButton.svelte (3)

2-4: Clean migration to svelte-ux.

Imports updated correctly for external library.

8-8: Props typing updated appropriately.

Type extends ComponentProps from ButtonUX component.

11-20: Explicit styling replaces variant props.

Migrated from variant-based styling to explicit Tailwind classes with proper class merging.

frontend/src/lib/components/SortButton.svelte (2)

2-4: Imports updated for svelte-ux.

Correctly switched to external Button component.

10-15: Props typing updated for Button.

ComponentProps correctly extended for svelte-ux Button.

frontend/src/lib/components/Separator.svelte (2)

1-13: Well-structured component props.

Clean API with properly typed optional props.

15-23: Clean implementation with flexible styling.

Good use of cls utility for class merging and conditional styles.

frontend/package.json (5)

26-50: Dependencies updated correctly.

Newer versions address security warnings.

60-66: Successful migration from bits-ui.

Removed deprecated dependencies and added svelte-ux.

72-72: Vite override updated.

Ensures consistent version throughout dependencies.

76-76: Linux dependency updated.

Patch version bump for security.

28-28: Note adapter change.

Switched from auto/static adapters to node adapter. Verify deployment implications.

frontend/src/lib/components/NavigationMenu.svelte (11)

2-12: Updated imports to use svelte-ux components.

Imports now use svelte-ux UI components, replacing custom implementations.

Also applies to: 22-22

85-87: Improved semantic HTML for logo link.

Changed from Button to anchor tag - better semantics for navigation.

90-98: Updated search button styling.

Explicit border and fullWidth prop replace variant styling. Text uses new color scheme.

110-113: Replaced Button with NavItem for Home navigation.

NavItem handles active state automatically based on currentUrl.

117-117: Updated section label styling.

Using new color scheme with text-surface-content/40.

119-124: Simplified navigation items with NavItem component.

Replaced custom navigation buttons with NavItem components.

130-130: Updated Resources section label styling.

Consistent with other section labels.

132-135: Replaced Button with NavItem for docs link.

Using consistent component for all navigation items.

137-144: Replaced Button with NavItem for Support link.

Using consistent component for all external links.

146-149: Updated feedback button styling.

Explicit border and padding classes replace variant props.

153-166: Updated user menu toggle styling.

Using new color scheme and explicit styling instead of variant props.

@linear Linear
Copy link

linear bot commented Apr 24, 2025

ZIP-421 Replace shadcn-svelte / bits-ui components with Svelte UX

Since our project is using Svelte 5, it would be nice to update shadcn-svelte and bits-ui to the newer Svelte 5 API versions. Also should bring svelte 5 to the latest version.
They are both available as next versions, so we might want to wait til they become latest

It would remove the npm warning every time we install/update any package.

@sean-zlai sean-zlai requested a review from nikhil-zlai April 24, 2025 17:51
@sean-zlai sean-zlai merged commit be81ef0 into main Apr 25, 2025
6 checks passed
@sean-zlai sean-zlai deleted the sean/zip-687-bump-all-dependencies-resolve-security-alerts branch April 25, 2025 18:45
This was referenced Apr 28, 2025
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@nikhil-zlai nikhil-zlai nikhil-zlai approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sean-zlai @nikhil-zlai @techniq