Skip to content

fix: allow webpack-dev-server v6#1102

Merged
justin808 merged 4 commits into
shakacode:mainfrom
G-Rath:support-webpack-dev-server-v6
Jul 5, 2026
Merged

fix: allow webpack-dev-server v6#1102
justin808 merged 4 commits into
shakacode:mainfrom
G-Rath:support-webpack-dev-server-v6

Conversation

@G-Rath

@G-Rath G-Rath commented Apr 28, 2026

Copy link
Copy Markdown
Contributor

Summary

This version will be released in the next week or so, and importantly enables addressing GHSA-w5hq-g745-h8pq

The migration docs are here - I don't think any of the breaking changes require any changes to Shakapacker

Pull Request checklist

  • Add/update test to cover these changes
  • Update documentation
  • Update CHANGELOG file

Other Information

Summary by CodeRabbit

  • Documentation
    • Updated peer dependency and dependency strategy guidance to include support for webpack-dev-server v6 (in addition to v5).
  • Chores
    • Broadened webpack-dev-server version ranges across package and install configuration to support either v5 or v6.
  • Changelog
    • Added an “Unreleased” note highlighting support for webpack-dev-server v6.

@coderabbitai

coderabbitai Bot commented Apr 28, 2026

Copy link
Copy Markdown

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 10a1a9a7-4262-4e3b-a77c-43bf8a61b97a

📥 Commits

Reviewing files that changed from the base of the PR and between c8911d6 and 1674e12.

📒 Files selected for processing (6)
  • CHANGELOG.md
  • docs/dependency-strategy.md
  • docs/peer-dependencies.md
  • lib/install/package.json
  • package.json
  • packages/shakapacker-webpack/package.json
✅ Files skipped from review due to trivial changes (4)
  • docs/peer-dependencies.md
  • CHANGELOG.md
  • package.json
  • docs/dependency-strategy.md
🚧 Files skipped from review as they are similar to previous changes (2)
  • packages/shakapacker-webpack/package.json
  • lib/install/package.json

Walkthrough

This PR expands the configured and documented webpack-dev-server range from ^5.2.2 to ^5.2.2 || ^6.0.0 across package metadata, install configuration, and related documentation.

Changes

webpack-dev-server v6 Support

Layer / File(s) Summary
Update dependency ranges
package.json, lib/install/package.json, packages/shakapacker-webpack/package.json
webpack-dev-server version constraints were expanded to accept both v5 and v6.
Update dependency documentation
docs/peer-dependencies.md, docs/dependency-strategy.md, CHANGELOG.md
The documented webpack-dev-server ranges were updated, including the v11 Webpack + SWC example snippet and the new changelog note.

Estimated code review effort: 1 (Trivial) | ~5 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: broadening support to allow webpack-dev-server v6.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@justin808 justin808 marked this pull request as ready for review May 16, 2026 01:15
@greptile-apps

greptile-apps Bot commented May 16, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR widens the webpack-dev-server peer dependency range from ^5.2.2 to ^5.2.2 || ^6.0.0 in three places (package.json, lib/install/package.json, and docs/peer-dependencies.md), unblocking users who want to adopt v6 and the security fix it addresses.

  • All three files are updated consistently and the change is minimal and correct.
  • No code changes to Shakapacker's runtime webpack-dev-server usage are required, as the v6 breaking changes (per the linked migration guide) don't affect Shakapacker's invocation paths.
  • The CHANGELOG is not updated despite the project's convention that peer dependency range widening is a user-visible fix that warrants an entry.

Confidence Score: 4/5

Safe to merge — the change is a one-line peer dependency range widening applied consistently across all three relevant files, with no runtime code touched.

The dependency range update is correct and consistent. The only gap is a missing CHANGELOG entry that the project's own conventions require for user-visible fixes like this one.

CHANGELOG.md should receive an entry under the Unreleased section before merging.

Important Files Changed

Filename Overview
package.json Widens webpack-dev-server peer dependency from ^5.2.2 to `^5.2.2
lib/install/package.json Mirrors the same peer dependency widening for new project installs; change is consistent with package.json.
docs/peer-dependencies.md Documentation updated to reflect the new supported range; consistent with the code changes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Shakapacker 10.x] --> B{webpack-dev-server version?}
    B -->|v5.2.2 and above| C[Supported before this PR]
    B -->|v6.0.0 and above| D[Newly supported by this PR]
    B -->|v4.x or older| E[Not supported]
    C --> F[peerDependencies range updated]
    D --> F
Loading

Reviews (1): Last reviewed commit: "fix: allow `webpack-dev-server` v6" | Re-trigger Greptile

@justin808

Copy link
Copy Markdown
Member

@G-Rath I asked copilot about the failing CI:

The failure is happening during the generator install step itself, not in the assertions afterward. The common failing point is the shell command launched from spec/generator_specs/generator_spec.rb:67-69, 253-255, 358-360, and 397-399, all of which call:

  • bundle exec rake shakapacker:install
  • with env like USE_BABEL_PACKAGES=true or JAVASCRIPT_TRANSPILER=babel

That command is executed through Shakapacker::Utils::Misc.sh_in_dir in lib/shakapacker/utils/misc.rb, which only reports a generic shell failure, so the real issue is upstream in the install behavior.

Most likely root cause

The failures line up with the PR’s new Babel-related expectations:

  • spec/generator_specs/generator_spec.rb:110-118 expects config/shakapacker.yml to switch from "swc" to "babel" when USE_BABEL_PACKAGES=true
  • spec/generator_specs/generator_spec.rb:200-217 now expects both Babel and SWC deps when USE_BABEL_PACKAGES=true
  • spec/generator_specs/generator_spec.rb:388-427 expects JAVASCRIPT_TRANSPILER=babel to install Babel deps, exclude SWC deps, and write javascript_transpiler: "babel"

Because 63 examples fail across npm/pnpm/bun/TypeScript/auto-detect cases, this strongly suggests the installer now writes or validates package/config state inconsistently and aborts early for all variants.

Focused solution

Fix the installer so transpiler selection is centralized and consistent:

1. Compute transpiler mode once

In the install code, derive one value from env/options:

transpiler =
  if ENV["JAVASCRIPT_TRANSPILER"] == "babel"
    "babel"
  elsif Shakapacker::Utils::Misc.object_to_boolean(ENV["USE_BABEL_PACKAGES"])
    "babel"
  else
    "swc"
  end

Use that same value everywhere:

  • package dependency selection
  • config/shakapacker.yml
  • JS/TS config template generation

2. Separate “runtime transpiler” from “installed compatibility packages”

Based on the spec:

  • USE_BABEL_PACKAGES=true

    • runtime config should be babel
    • install Babel packages
    • keep SWC packages too
  • JAVASCRIPT_TRANSPILER=babel

    • runtime config should be babel
    • install Babel packages
    • do not install SWC packages

That means the dependency logic should look more like:

use_babel_packages = Shakapacker::Utils::Misc.object_to_boolean(ENV["USE_BABEL_PACKAGES"])
babel_only = ENV["JAVASCRIPT_TRANSPILER"] == "babel"

dependencies = base_dependencies.dup
dependencies.merge!(babel_dependencies) if use_babel_packages || babel_only
dependencies.merge!(swc_dependencies) unless babel_only

3. Update config/shakapacker.yml from the same decision

The install step must replace the transpiler line deterministically:

config = File.read(config_path)
config.gsub!('javascript_transpiler: "swc"', %(javascript_transpiler: "#{transpiler}"))
File.write(config_path, config)

This directly addresses the failures asserted at:

4. Ensure install code does not raise when package manager metadata is updated

The workflow runs on Node 20 in .github/workflows/generator.yml:69-86, and the generator specs run across npm/yarn/pnpm/bun. Since all managers fail, avoid manager-specific mutation during install unless required. In particular:

  • write packageManager safely if missing
  • don’t assume lockfile state
  • don’t require a package install side effect before writing config files

Suggested code shape

If the install code currently has scattered conditionals, refactor to helpers like:

def transpiler
  return "babel" if ENV["JAVASCRIPT_TRANSPILER"] == "babel"
  return "babel" if Shakapacker::Utils::Misc.object_to_boolean(ENV["USE_BABEL_PACKAGES"])

  "swc"
end

def install_babel?
  transpiler == "babel"
end

def install_swc?
  ENV["JAVASCRIPT_TRANSPILER"] != "babel"
end

And then:

deps.merge!(babel_dependencies) if install_babel?
deps.merge!(swc_dependencies) if install_swc?
update_shakapacker_yml(transpiler)

Why this should fix the job

This matches the exact expectations in the failing spec file and explains why the entire generator matrix is collapsing:

  • one bad installer path
  • exercised by every app setup
  • causing bundle exec rake shakapacker:install to exit 1 before assertions run

So the solution is to fix the install implementation to consistently honor:

  • USE_BABEL_PACKAGES=true => Babel config + Babel deps + SWC deps
  • JAVASCRIPT_TRANSPILER=babel => Babel config + Babel deps only

The key failing references are:

If you want a minimal patch, the safest fix is: centralize transpiler selection, make dependency installation conditional as above, and update config/shakapacker.yml from the same single source of truth.

No — this problem is not on main.

PR #1102 is still open and targets main, with:

  • base branch: main at 46cc1056d31d25e3269afb6864c5a7065f6aef89
  • head branch: support-webpack-dev-server-v6 at 503e7aa1df025e168b3962f837c66fe4fda426de

The failing job you asked about ran on the PR head commit 503e7aa1df025e168b3962f837c66fe4fda426de, not on main.

Also, the PR only changes 3 files, all related to widening the webpack-dev-server version range:

  • package.json
  • lib/install/package.json
  • docs/peer-dependencies.md

So the generator-spec failure is happening on the PR branch/merge context, and it does not appear to be a failure already present on main.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Line 123: The peerDependencies entry for "webpack-dev-server" lists a
non-existent v6 range ("^5.2.2 || ^6.0.0"); update the package.json
peerDependencies so the "webpack-dev-server" range only includes valid released
versions (remove the "|| ^6.0.0" portion), e.g., change the value to "^5.2.2"
(or to a single valid v5 range such as "^5.2.2" or a bumped v5 like "^5.2.4" if
you want to target the latest patch).
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: cacd7101-6b82-4290-8708-0801cc39152a

📥 Commits

Reviewing files that changed from the base of the PR and between 46cc105 and 503e7aa.

📒 Files selected for processing (3)
  • docs/peer-dependencies.md
  • lib/install/package.json
  • package.json

Comment thread package.json
"webpack-assets-manifest": "^5.0.6 || ^6.0.0",
"webpack-cli": "^4.9.2 || ^5.0.0 || ^6.0.0 || ^7.0.0",
"webpack-dev-server": "^5.2.2",
"webpack-dev-server": "^5.2.2 || ^6.0.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify webpack-dev-server v6 availability and security status

# Check available versions on npm
echo "=== Checking webpack-dev-server versions on npm ==="
curl -s https://registry.npmjs.org/webpack-dev-server | jq -r '.versions | keys[] | select(startswith("6."))' | head -10

echo -e "\n=== Checking latest version ==="
curl -s https://registry.npmjs.org/webpack-dev-server/latest | jq -r '.version'

echo -e "\n=== Checking for security advisories ==="
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: NPM, package: "webpack-dev-server") {
    nodes {
      advisory {
        ghsaId
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Repository: shakacode/shakapacker

Length of output: 1097


🌐 Web query:

webpack-dev-server v6 migration guide breaking changes

💡 Result:

As of May 16, 2026, webpack-dev-server has not released a version 6.0.0 [1][2]. The current stable version is in the 5.x series (specifically 5.2.4, released May 11, 2026) [2]. Because no v6 release exists, there is no official migration guide for it. If you are looking to migrate to the latest version, you should refer to the migration guide for v5.0.0 [3][1]. Key breaking changes introduced in the v5.0.0 release include: - Minimum Node.js version: 18.12.0 [3]. - Minimum webpack version: 5.0.0 [3]. - Server configuration: The http2 and https options were removed in favor of a unified server option [3]. - Middleware: onAfterSetupMiddleware and onBeforeSetupMiddleware were replaced by setupMiddlewares [3]. - Proxy: The proxy option now requires an array [3]. - CLI options: --open-app was replaced by --open-app-name, and --web-socket-server was replaced by --web-socket-server-type [3]. - Environment variables: The WEBPACK_SERVE environment variable value changed from a boolean true to the string 'true' [3]. - API changes: The constructor arguments were updated (first argument is options, second is compiler), and the listen method was replaced by async start or startCallback methods [3]. For detailed instructions on upgrading to the current stable version, consult the official migration-v5.md document in the webpack-dev-server GitHub repository [3].

Citations:


Remove non-existent webpack-dev-server v6 from peer dependency range.

The peer dependency range specifies ^6.0.0, but webpack-dev-server v6 has not been released on npm. The current latest version is 5.2.4. Remove ^6.0.0 from the OR clause so the range reflects only available versions (e.g., ^5.2.2).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 123, The peerDependencies entry for
"webpack-dev-server" lists a non-existent v6 range ("^5.2.2 || ^6.0.0"); update
the package.json peerDependencies so the "webpack-dev-server" range only
includes valid released versions (remove the "|| ^6.0.0" portion), e.g., change
the value to "^5.2.2" (or to a single valid v5 range such as "^5.2.2" or a
bumped v5 like "^5.2.4" if you want to target the latest patch).

@G-Rath

G-Rath commented May 16, 2026

Copy link
Copy Markdown
Contributor Author

@justin808 I expect the failures are because CI attempts to install the latest package version possible for peer dependencies, and webpack-dev-server v6 has not yet been published:

image

If you want to land this now, then probably easiest solution would be to have CI special case webpack-dev-server to install v5

@justin808

Copy link
Copy Markdown
Member

@claude please review this PR. Focus on:

  • Code quality and best practices
  • Potential bugs or issues
  • Security implications
  • Performance considerations

Please post your review as a PR comment, and use inline comments for specific code issues.

@justin808

Copy link
Copy Markdown
Member

@claude please review the latest commit on this PR. Focus on:

  • Code quality and best practices
  • Potential bugs or issues
  • Security implications
  • Performance considerations

Post your review as a PR comment, and use inline comments for specific code issues.

@github-actions

github-actions Bot commented Jun 1, 2026

Copy link
Copy Markdown

Claude finished @justin808's task in 1m 23s —— View job


PR Review: fix: allow webpack-dev-server v6

Tasks:

  • Load review tools
  • Read changed files
  • Check git diff vs main
  • Post comprehensive review

Summary

This is a minimal, well-scoped PR that widens the webpack-dev-server peer dependency range from ^5.2.2 to ^5.2.2 || ^6.0.0. The change is applied consistently across all three relevant locations. The motivation (addressing GHSA-w5hq-g745-h8pq) is sound.


Code Quality ✅

The diff is clean and consistent:

File Change
package.json:123 `"webpack-dev-server": "^5.2.2
lib/install/package.json `"webpack-dev-server": "^5.2.2
docs/peer-dependencies.md Documentation matches code

The three-file update is exactly correct — all three need to stay in sync and they do. The range follows the same ||-separated pattern used by other packages in the same files (e.g., webpack-cli, webpack-assets-manifest).


Issues Found

Missing CHANGELOG entry ⚠️

The PR checklist item "Update CHANGELOG file" is unchecked. Per the project's conventions, widening a peer dependency range is a user-visible fix that warrants an entry. The existing [Unreleased] section in CHANGELOG.md already has a ### Fixed subsection — this entry should be added there:

- **Widened `webpack-dev-server` peer dependency range to support v6 (`^5.2.2 || ^6.0.0`)**. [PR #1102](https://github.com/shakacode/shakapacker/pull/1102) by [G-Rath](https://github.com/G-Rath). Allows upgrading to `webpack-dev-server` v6, which addresses [GHSA-w5hq-g745-h8pq](https://github.com/advisories/GHSA-w5hq-g745-h8pq).

Fix this →

CI Failures — Not a code problem ✅

The generator spec failures reported in the CI run are not caused by this PR's code changes. As G-Rath correctly identified, the failures occur because the CI tooling tries to resolve the highest matching version of webpack-dev-server (v6), which may not have been available at the time of the run. Once webpack-dev-server v6.0.0 is published (which it should be by now given the April 28 estimate of "next week or so"), CI should pass cleanly.

The copilot analysis in the thread about generator install failures and transpiler logic is a red herring — those are unrelated to this PR's changes.

If CI is still failing due to this, the simplest workaround would be to pin webpack-dev-server to ^5.2.2 in the CI test matrix while keeping the peer dependency range wide.


Security ✅

The motivating security issue is GHSA-w5hq-g745-h8pq, a vulnerability in webpack-dev-server addressed in v6. Widening the peer range to allow v6 is the right approach — it gives users the choice to upgrade without requiring a Shakapacker release. There are no security concerns introduced by this PR.


Verdict

Approve after adding the CHANGELOG entry. The code change itself is correct, minimal, and consistent. Only the missing CHANGELOG entry needs to be addressed before merging.

Copy link
Copy Markdown
Member

I’m not merging this yet because the current branch is not merge-ready.

The main blocker is that webpack-dev-server@6 still does not appear to be published on npm. I rechecked the registry today, and the latest published version is 5.2.5 with no 6.x versions available. That means the unresolved CodeRabbit thread on package.json is still valid.

That also matches the current CI failure mode: the generator specs try to install webpack-dev-server@^6.0.0, and the package managers fail with “No matching version found.” Since this repo’s merge gate is the full gh pr checks list green, resolved review threads, and clean mergeability, this can’t merge while those generator checks are failing/cancelled and the review decision is CHANGES_REQUESTED.

Other cleanup needed before this is mergeable:

  • update/rebase the branch onto current main (it is significantly behind)
  • add the missing CHANGELOG.md entry if the change remains user-visible
  • rerun CI after the dependency/version direction is corrected
  • resolve the outstanding review thread

The practical paths are either to wait until upstream actually publishes webpack-dev-server@6 and then validate this compatibility change, or repurpose the PR to a current v5 floor such as ^5.2.5 if the goal is to enforce today’s latest v5 release. I would not merge the current ^5.2.2 || ^6.0.0 change while v6 is unpublished and CI is proving the installer path cannot handle it.

@G-Rath G-Rath force-pushed the support-webpack-dev-server-v6 branch from 503e7aa to a31ecef Compare July 3, 2026 03:30
@G-Rath

G-Rath commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

@justin808 webpack-dev-server v6 has been published

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a31ecefb7c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread lib/install/package.json
"webpack-assets-manifest": "^5.0.6 || ^6.0.0",
"webpack-cli": "^4.9.2 || ^5.0.0 || ^6.0.0 || ^7.0.0",
"webpack-dev-server": "^5.2.2",
"webpack-dev-server": "^5.2.2 || ^6.0.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Keep installer default on a published dev-server version

For new webpack installs, lib/install/template.rb reads this file, splits ranges on ||, and installs constraints.last, so this change makes shakapacker:install try to add webpack-dev-server@^6.0.0 by default. As of July 3, 2026, upstream webpack-dev-server releases still show v5.2.6 as latest, so the generated install command will fail to resolve until v6 is actually published; keep the install manifest on a published range or special-case the default the same way webpack-cli is handled.

Useful? React with 👍 / 👎.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's very incorrect
image

@G-Rath G-Rath force-pushed the support-webpack-dev-server-v6 branch from a31ecef to 2d759aa Compare July 3, 2026 23:26

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2d759aa79b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread lib/install/package.json
"webpack-assets-manifest": "^5.0.6 || ^6.0.0",
"webpack-cli": "^4.9.2 || ^5.0.0 || ^6.0.0 || ^7.0.0",
"webpack-dev-server": "^5.2.2",
"webpack-dev-server": "^5.2.2 || ^6.0.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Keep webpack installs on a Node-compatible dev server

When the selected bundler is webpack, lib/install/template.rb splits each range on || and installs constraints.last for every peer except webpack-cli, so this line now makes shakapacker:install request webpack-dev-server@^6.0.0. Fresh evidence since the earlier thread: the current webpack-dev-server v6 package declares engines.node >=22.15.0, while Shakapacker still supports ^20.19.0 || >=22.12.0 in package.json, so supported Node 20 and 22.12–22.14 webpack apps can fail install with engine checks (or hit an unsupported runtime). Please keep the installer default on the v5 range or gate selecting v6 by Node version.

Useful? React with 👍 / 👎.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it should be fine to assume new installs are using the latest version of Node, rather than the min.

@G-Rath G-Rath force-pushed the support-webpack-dev-server-v6 branch from c8911d6 to 1674e12 Compare July 5, 2026 19:05

@justin808 justin808 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@justin808 justin808 merged commit fc16549 into shakacode:main Jul 5, 2026
21 checks passed
@justin808 justin808 mentioned this pull request Jul 6, 2026
2 tasks
justin808 added a commit that referenced this pull request Jul 6, 2026
## Summary
- Stamps `## [v10.2.1] - July 5, 2026` immediately after `##
[Unreleased]`, moving the existing unreleased entries
(webpack-dev-server v6 support, SWC/Babel fallback fixes, production-env
config fallback, and helper binstub PATH fix) into the new version
section.
- Adds the `[v10.2.1]` compare link and updates `[Unreleased]` to
compare from `v10.2.1...main`.

No new entries were needed: a classification sweep of
`v10.2.0..origin/main` found only #1102, #1206, #1200, and #1201 as
user-visible (all already present in Unreleased), plus #1202 (CI-only)
and #1208 (docs-only) which are correctly excluded.

## Test plan
- [x] Verified CHANGELOG.md diff manually
- [x] Confirmed file ends with a trailing newline

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
* Updated the changelog with a new **v10.2.1** release entry dated July
5, 2026.
* Refreshed version comparison links so the latest release is now shown
against the main branch, with a new link for comparing **v10.2.0** to
**v10.2.1**.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Co-authored-by: Claude Sonnet 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants