d4a5378adf
Frontend: - Replace Next.js with Vite + React + TypeScript - Add new component architecture (app-shell, sidebar, dashboard modules) - Implement product modules: FRAME, safety protocols, walkthrough checkin, campus/staff attendance, personality quiz, sign language, classroom timer - Add shadcn/ui component library with Tailwind CSS - Remove legacy generated components, stores, and pages Backend: - Add product migrations: frame_entries, user_progress, safety_quiz_results, walkthrough_checkins, communication_events, personality_quiz_results, campus_attendance_config/summaries, staff_attendance_records, content_catalog - Add corresponding models, services, and routes - Implement cookie-based auth with refresh token rotation - Add content catalog seeder with product content - Migrate to ESLint flat config - Switch from yarn to npm Infrastructure: - Update .gitignore for new tooling - Add project documentation (CLAUDE.md, docs/) - Remove deprecated config files and yarn.lock Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
70 lines
2.2 KiB
Markdown
70 lines
2.2 KiB
Markdown
# Dependency Baseline
|
|
|
|
## Purpose
|
|
|
|
This document records the active dependency baseline for the project after upgrading runtime and tooling packages.
|
|
|
|
## Active Applications
|
|
|
|
The active applications are:
|
|
|
|
- `frontend/`
|
|
- `backend/`
|
|
|
|
Both active applications use npm lockfiles:
|
|
|
|
- `frontend/package-lock.json`
|
|
- `backend/package-lock.json`
|
|
|
|
The root production scripts use npm commands. Do not add Yarn lockfiles back to the active apps unless the package-manager decision is explicitly changed.
|
|
|
|
## Frontend Baseline
|
|
|
|
The frontend dependency baseline has been updated to current stable npm versions for the active Vite app.
|
|
|
|
Key tooling/runtime updates:
|
|
|
|
- React 19
|
|
- Vite 8
|
|
- TypeScript 6
|
|
- Tailwind 4 with `@tailwindcss/postcss`
|
|
- Vitest 4
|
|
- ESLint 10
|
|
- `@vitejs/plugin-react`
|
|
- Playwright for frontend smoke tests
|
|
|
|
Verification:
|
|
|
|
- `npm run lint` passes.
|
|
- `npm run test` passes.
|
|
- `npm run test:e2e` passes when a local browser install is available.
|
|
- `npm run build` passes and runs typecheck before Vite.
|
|
- `npm audit --audit-level=low` reports 0 vulnerabilities.
|
|
- `npm outdated` reports no outdated stable dependencies.
|
|
|
|
## Backend Baseline
|
|
|
|
The backend dependency baseline has been updated to current stable npm versions for the active Express app.
|
|
|
|
Key tooling/runtime updates:
|
|
|
|
- Express 5
|
|
- bcrypt 6
|
|
- helmet 8
|
|
- jsonwebtoken 9
|
|
- Sequelize 6.37
|
|
- ESLint 10 flat config
|
|
- `eslint-plugin-import-x` for unresolved import checks with ESLint 10
|
|
|
|
The backend uses an npm `overrides` entry for `uuid` so transitive dependency trees resolve to the patched stable line.
|
|
|
|
Verification:
|
|
|
|
- `npm audit --audit-level=low` reports 0 vulnerabilities.
|
|
- `npm outdated` reports only `json2csv@6.0.0-alpha.2` above the installed stable `5.0.7`; prerelease packages are not part of the stable baseline.
|
|
- `npm run lint` still fails on existing generated/template code debt. The ESLint 10 `.eslintignore` warning is resolved, and the remaining lint failures should be fixed as backend cleanup instead of hidden with broad ignores.
|
|
|
|
## Reference Frontend
|
|
|
|
`ref-frontend/` is a temporary reference artifact, not the active runtime frontend. Keep it frozen until integration work no longer needs it, then delete it.
|