admin/40227-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40227-vm/docs/dependency-baseline.md
Dmitri d4a5378adf Refactor: migrate frontend to Vite/React, add product backend modules 
Frontend:
- Replace Next.js with Vite + React + TypeScript
- Add new component architecture (app-shell, sidebar, dashboard modules)
- Implement product modules: FRAME, safety protocols, walkthrough checkin,
  campus/staff attendance, personality quiz, sign language, classroom timer
- Add shadcn/ui component library with Tailwind CSS
- Remove legacy generated components, stores, and pages

Backend:
- Add product migrations: frame_entries, user_progress, safety_quiz_results,
  walkthrough_checkins, communication_events, personality_quiz_results,
  campus_attendance_config/summaries, staff_attendance_records, content_catalog
- Add corresponding models, services, and routes
- Implement cookie-based auth with refresh token rotation
- Add content catalog seeder with product content
- Migrate to ESLint flat config
- Switch from yarn to npm

Infrastructure:
- Update .gitignore for new tooling
- Add project documentation (CLAUDE.md, docs/)
- Remove deprecated config files and yarn.lock

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-06-09 15:18:23 +02:00

2.2 KiB
Raw Blame History

Dependency Baseline

Purpose

This document records the active dependency baseline for the project after upgrading runtime and tooling packages.

Active Applications

The active applications are:

  • frontend/
  • backend/

Both active applications use npm lockfiles:

  • frontend/package-lock.json
  • backend/package-lock.json

The root production scripts use npm commands. Do not add Yarn lockfiles back to the active apps unless the package-manager decision is explicitly changed.

Frontend Baseline

The frontend dependency baseline has been updated to current stable npm versions for the active Vite app.

Key tooling/runtime updates:

  • React 19
  • Vite 8
  • TypeScript 6
  • Tailwind 4 with @tailwindcss/postcss
  • Vitest 4
  • ESLint 10
  • @vitejs/plugin-react
  • Playwright for frontend smoke tests

Verification:

  • npm run lint passes.
  • npm run test passes.
  • npm run test:e2e passes when a local browser install is available.
  • npm run build passes and runs typecheck before Vite.
  • npm audit --audit-level=low reports 0 vulnerabilities.
  • npm outdated reports no outdated stable dependencies.

Backend Baseline

The backend dependency baseline has been updated to current stable npm versions for the active Express app.

Key tooling/runtime updates:

  • Express 5
  • bcrypt 6
  • helmet 8
  • jsonwebtoken 9
  • Sequelize 6.37
  • ESLint 10 flat config
  • eslint-plugin-import-x for unresolved import checks with ESLint 10

The backend uses an npm overrides entry for uuid so transitive dependency trees resolve to the patched stable line.

Verification:

  • npm audit --audit-level=low reports 0 vulnerabilities.
  • npm outdated reports only json2csv@6.0.0-alpha.2 above the installed stable 5.0.7; prerelease packages are not part of the stable baseline.
  • npm run lint still fails on existing generated/template code debt. The ESLint 10 .eslintignore warning is resolved, and the remaining lint failures should be fixed as backend cleanup instead of hidden with broad ignores.

Reference Frontend

ref-frontend/ is a temporary reference artifact, not the active runtime frontend. Keep it frozen until integration work no longer needs it, then delete it.