Skip to content

chore(js): modernize Connect/Protobuf and React test deps#1512

Merged
mishushakov merged 5 commits into
mainfrom
mishushakov/modernize-js-dependencies
Jul 9, 2026
Merged

chore(js): modernize Connect/Protobuf and React test deps#1512
mishushakov merged 5 commits into
mainfrom
mishushakov/modernize-js-dependencies

Conversation

@mishushakov

@mishushakov mishushakov commented Jun 30, 2026

Copy link
Copy Markdown
Member

What

Modernizes the JS SDK's dependencies while remaining fully compatible with the current supported Node range (>=20.18.1) — no engine changes and no breaking impact for consumers.

  • @connectrpc/connect / @connectrpc/connect-web: 2.0.0-rc.3^2.1.2 (off the pre-release pin onto the stable line, and switched to a ^ range).
  • @bufbuild/protobuf: ^2.6.2^2.12.1.
  • React test deps: react / @types/react^19.2.0, and react-dom / @types/react-dom added at ^19.2.0 (previously auto-installed as v18 peers). Dev/test-only — no runtime impact.
  • CI: standardized actions/setup-node (mixed v3/v4/v6) to v6 across all workflows; the three @v3 uses were on the deprecated Node16 action runtime.

No public SDK API changes — the sandbox filesystem and command RPCs use the same Connect transport configuration.

Why undici / Node floor were dropped from this PR

An earlier revision also bumped undici 7 → 8 and raised the Node floor to >=22.19.0. Usage data shows Node 20 is still the single largest SDK runtime (~39% of sandbox creations), so dropping it would break the largest consumer segment via engine-strict install failures. undici 8 was the only change forcing Node 22, and undici 7.28.0 (already the latest 7.x) supports Node 20 — so undici stays at ^7.28.0 and the engine floor is unchanged. undici 8 is a good candidate for a future major once Node 20 usage declines.

Verification

  • typecheck, lint (oxlint), and build pass
  • 22 mocked Connect/undici transport unit tests pass
  • 106 live filesystem/command tests pass over connectrpc 2.1.2 + undici 7.28.0

🤖 Generated with Claude Code

Move @connectrpc/connect and @connectrpc/connect-web off the 2.0.0-rc.3
pre-release pin to the stable ^2.1.2 line, bump @bufbuild/protobuf to
^2.12.1, and upgrade undici 7 -> ^8.5.0. undici 8 requires Node >=22.19.0,
so raise the minimum supported Node version for both the e2b SDK and
@e2b/cli from 20 (EOL 2026-04-30) to 22.19.0, and bump @types/node to ^22.

Also bump the React test dependencies to v19 (adding react-dom and
@types/react-dom), update CI's .tool-versions Node to 22.23.1, and
standardize actions/setup-node to v6 across all workflows.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@changeset-bot

changeset-bot Bot commented Jun 30, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: 26ffbde

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
e2b Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@cursor

cursor Bot commented Jun 30, 2026

Copy link
Copy Markdown

PR Summary

Medium Risk
Runtime RPC stack upgrades can change wire/transport behavior even without API changes; verify Connect-backed sandbox tests still pass.

Overview
The e2b package moves @connectrpc/connect and @connectrpc/connect-web from 2.0.0-rc.3 to ^2.1.2 and @bufbuild/protobuf from ^2.6.2 to ^2.12.1, with a patch changeset noting no public API change for sandbox filesystem/command RPCs. Browser test devDependencies shift to React 19 (react, react-dom, @types/react / @types/react-dom). GitHub Actions workflows and the build-cli composite action use actions/setup-node@v6 instead of v3/v4; pnpm-lock.yaml reflects the dependency graph updates.

The PR description mentions undici 8 and a Node 22 engine floor, but those edits are not in this diff (undici stays ^7.28.0, engines.node stays >=20.18.1).

Reviewed by Cursor Bugbot for commit 26ffbde. Bugbot is set up for automated code reviews on this repo. Configure here.

@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Package Artifacts

Built from 4a3e03c. Download artifacts from this workflow run.

JS SDK (e2b@2.32.1-mishushakov-modernize-js-dependencies.0):

npm install ./e2b-2.32.1-mishushakov-modernize-js-dependencies.0.tgz

CLI (@e2b/cli@2.13.2-mishushakov-modernize-js-dependencies.0):

npm install ./e2b-cli-2.13.2-mishushakov-modernize-js-dependencies.0.tgz

Python SDK (e2b==2.31.0+mishushakov.modernize.js.dependencies):

pip install ./e2b-2.31.0+mishushakov.modernize.js.dependencies-py3-none-any.whl

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b31ef9549f

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .changeset/js-connectrpc-stable.md Outdated
Comment thread .changeset/cli-node-floor.md Outdated
Comment thread .tool-versions Outdated
Comment thread packages/cli/package.json Outdated
… floor

Address Claude review findings on #1512:
- codegen.Dockerfile pinned NODE_VERSION to 20.19.5 while .tool-versions
  moved to 22.23.1; since generated_files.yml triggers on .tool-versions
  and engine-strict=true, the codegen container would run Node 20 against
  packages now requiring >=22.19.0. Bump the pin to 22.23.1.
- skills/stripe-projects/SKILL.md still claimed Node 20; update to 22.19.0.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…-js-dependencies

# Conflicts:
#	packages/js-sdk/package.json
#	pnpm-lock.yaml
@mishushakov mishushakov requested a review from huv1k June 30, 2026 14:15

@huv1k huv1k left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am approving it even though I think we should more respect semver versioning 😅

@linear-code

linear-code Bot commented Jul 9, 2026

Copy link
Copy Markdown

SDK-219

@tvi tvi self-requested a review July 9, 2026 12:30
mishushakov and others added 2 commits July 9, 2026 18:26
Usage data shows Node 20 is still the single largest SDK runtime (~39% of
sandbox creations), so dropping it would break the largest consumer segment
via engine-strict install failures. undici 8 was the only change forcing
Node >=22.19.0, and undici 7.28.0 (latest 7.x) already supports Node 20.

Revert undici to ^7.28.0, restore engines.node (>=20.18.1 for e2b, >=20 for
@e2b/cli), @types/node to ^20, and the CI .tool-versions / codegen.Dockerfile
Node pins and the CLI skill doc. Keep the Node-20-compatible wins: connectrpc
RC -> stable 2.1.2, @bufbuild/protobuf 2.12.1, React 19 test deps, and the
actions/setup-node@v6 standardization. Changeset downgraded to patch; the CLI
changeset is dropped since the CLI no longer changes.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@mishushakov mishushakov changed the title chore(js): modernize networking deps and raise Node floor to 22 chore(js): modernize Connect/Protobuf and React test deps Jul 9, 2026
@mishushakov mishushakov enabled auto-merge (squash) July 9, 2026 16:33
@mishushakov mishushakov merged commit e6c4e7e into main Jul 9, 2026
30 checks passed
@mishushakov mishushakov deleted the mishushakov/modernize-js-dependencies branch July 9, 2026 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants