Skip to content

chore(deps)(deps): bump recharts from 2.15.4 to 3.8.1#141

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/recharts-3.8.1
Closed

chore(deps)(deps): bump recharts from 2.15.4 to 3.8.1#141
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/recharts-3.8.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited by coderabbitai Bot
Loading

Bumps recharts from 2.15.4 to 3.8.1.

Release notes

Sourced from recharts's releases.

v3.8.1

What's Changed

Bugfixes!

New Contributors

Full Changelog: recharts/recharts@v3.8.0...v3.8.1

v3.8.0

What's Changed

We added generics to our data and dataKey props and now you can have your charts validated by TypeScript. See the full guide here: https://recharts.github.io/en-US/guide/typescript/

We are releasing new helper functions and hooks that will allow you to precisely target mouse interactions, and convert coordinates. See the guide here: https://recharts.github.io/en-US/guide/coordinateSystems/

And new functions and hooks:

getRelativeCoordinate - converts mouse events to pixel positions

Convert Data → Pixels:

useXAxisScale - returns a function to convert X data values to pixel positions useYAxisScale - returns a function to convert Y data values to pixel positions useCartesianScale - convenience hook for converting both at once

Pixels → Data:

... (truncated)

Commits
  • 5b10788 chore(deps-dev): bump diff from 8.0.3 to 8.0.4 (#7156)
  • 222396f chore(deps): bump react-router-dom from 7.13.1 to 7.13.2 (#7164)
  • c2642da chore(deps-dev): bump typescript-eslint from 8.57.1 to 8.57.2 (#7166)
  • b186929 fix(RechartsWrapper): prevent ResizeObserver memory leak on ref update (#7161)
  • 738f71f fix(Tooltip): prevent crash on sparse or undefined payload entries (#7149)
  • 00daf0b chore(deps-dev): bump rollup from 4.59.0 to 4.60.0 (#7158)
  • eba4f2a chore(deps-dev): bump marked from 17.0.4 to 17.0.5 (#7157)
  • 201d060 fix: resolve keyboard navigation and tooltip issues for Pie charts (#6921) (#...
  • 670d092 chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#7150)
  • 86ca8de fix: stackOffset expand should not override numerical XAxis domain (#7152)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by corkscreewe, a new releaser for recharts since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

Notas de Lançamento

  • Tarefas
    • Atualização da dependência recharts para versão 3.8.1 (anteriormente 2.10.3).

Review Change Stack

@dependabot
chore(deps)(deps): bump recharts from 2.15.4 to 3.8.1
f39b317 
Bumps [recharts](https://github.com/recharts/recharts) from 2.15.4 to 3.8.1.
- [Release notes](https://github.com/recharts/recharts/releases)
- [Changelog](https://github.com/recharts/recharts/blob/main/CHANGELOG.md)
- [Commits](recharts/recharts@v2.15.4...v3.8.1)

---
updated-dependencies:
- dependency-name: recharts
  dependency-version: 3.8.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 11, 2026

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from adm01-debug as a code owner May 11, 2026 13:09
@vercel
Copy link
Copy Markdown

vercel Bot commented May 11, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
promo-gifts Ready Ready Preview, Comment May 11, 2026 1:10pm

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented May 11, 2026
edited
Loading

Walkthrough

A dependência recharts foi atualizada de ^2.10.3 para ^3.8.1—um bump de major version que pode impactar compatibilidade com componentes gráficos existentes na aplicação.

Changes

Atualização de Versão Recharts

Layer / File(s) Summary
Versão Recharts Atualizada
package.json		 Dependência recharts bumped de ^2.10.3 para ^3.8.1 (major version jump de 2.x para 3.x).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutos

Suggested reviewers

  • adm01-debug

⚠️ Pontos de atenção

Major version bump: Recharts v3 pode incluir breaking changes. Recomenda-se verificar:

  • Compatibilidade de props e componentes gráficos já utilizados na aplicação
  • Se há renderizações quebrando após o npm install
  • Performance e bundle size com a nova versão
  • Migrações ou comportamentos alterados na documentação do recharts
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning A descrição fornecida pelo Dependabot é técnica e completa com release notes, mas não segue o template obrigatório do repositório (📝 Descrição, 🎯 Tipo de mudança, checklist, etc). Preencha o template oficial do PR com seções obrigatórias: 📝 Descrição, 🎯 Tipo de mudança (marque breaking change), ✅ Checklist (validar ESLint, tsc, testes) e ⚠️ Notas (validar compatibilidade).
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed O título é claro e específico, descrevendo a principal mudança: atualização da dependência recharts de v2.15.4 para v3.8.1.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/npm_and_yarn/recharts-3.8.1

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Line 159: O bump de major para "recharts": "^3.8.1" pode introduzir breaking
changes; antes de aceitar, verifique compatibilidade: execute e manualmente
teste todos os componentes de chart usados na aplicação (renders, interactions,
tooltips, legends), insira testes de integração/usability para os componentes
que usam Recharts (procure por usos de componentes como <LineChart>, <BarChart>,
<CartesianGrid> etc. nos seus arquivos de UI), compare as props usadas contra a
API documentada da v3 e revise o changelog entre 2.15.4 e 3.8.1 para breaking
changes; se algum comportamento mudou, reverta para a versão anterior ou adapte
os usages/prop names conforme necessário e só então atualize package.json para a
nova versão.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b86d3dfe-a2da-4404-8be9-d4bb1d434b09

📥 Commits

Reviewing files that changed from the base of the PR and between dfd0384 and f39b317.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json, !**/package-lock.json
📒 Files selected for processing (1)
  • package.json

Comment thread package.json
"react-markdown": "^10.1.0",
"react-router-dom": "6.30.3",
"recharts": "^2.10.3",
"recharts": "^3.8.1",
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot May 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Comparando metadados de publicação: recharts@2.15.4 vs recharts@3.8.1"
for v in 2.15.4 3.8.1; do
  echo ""
  echo "=== recharts@$v ==="
  curl -s "https://registry.npmjs.org/recharts/$v" | jq '{
    version,
    publishedBy: ._npmUser.name,
    maintainers,
    scripts,
    dist: {
      integrity: .dist.integrity,
      shasum: .dist.shasum,
      tarball: .dist.tarball
    }
  }'
done

echo ""
echo "Checando scripts de ciclo de instalação em 3.8.1 (preinstall/install/postinstall/prepare)"
curl -s "https://registry.npmjs.org/recharts/3.8.1" \
| jq '.scripts // {} | {preinstall, install, postinstall, prepare}'

Repository: adm01-debug/Promo_Gifts

Length of output: 6211

Valide compatibilidade antes de aceitar esse major bump de recharts.

recharts 2.x → 3.x é um major bump significativo que pode gerar regressões. Embora a supply chain não apresente sinais críticos (novo publicador corkscreewe é maintainer já existente e mudança em script prepare é legítima — husky 9+ simplificou de "husky install" para "husky"), é essencial validar que os componentes da UI/charts não regrediram.

Checklist mínimo:

  • Testar todos os gráficos em uso da aplicação
  • Verificar se APIs de componentes usados mantêm compatibilidade
  • Revisar changelog de breaking changes entre 2.15.4 e 3.8.1
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 159, O bump de major para "recharts": "^3.8.1" pode
introduzir breaking changes; antes de aceitar, verifique compatibilidade:
execute e manualmente teste todos os componentes de chart usados na aplicação
(renders, interactions, tooltips, legends), insira testes de
integração/usability para os componentes que usam Recharts (procure por usos de
componentes como <LineChart>, <BarChart>, <CartesianGrid> etc. nos seus arquivos
de UI), compare as props usadas contra a API documentada da v3 e revise o
changelog entre 2.15.4 e 3.8.1 para breaking changes; se algum comportamento
mudou, reverta para a versão anterior ou adapte os usages/prop names conforme
necessário e só então atualize package.json para a nova versão.

@adm01-debug adm01-debug mentioned this pull request May 12, 2026
Open
@adm01-debug
Copy link
Copy Markdown
Owner

adm01-debug commented May 12, 2026

❌ Fechando esta PR — major bump requer refactor manual

Pacote: recharts 2.x → 3.8.1
Razão: 17 erros TS em 6 arquivos
Esforço estimado: 4-6h

Este upgrade tem breaking changes que não podem ser mergeados via dependabot automático. O componente base + callsites precisam ser refatorados em uma PR humana dedicada.

Tracking issue: #155 — onde o time pode discutir priorização e atribuir.

@dependabot ignore this minor version (pra dependabot não recriar a PR automaticamente)

Decisão tomada na Tarefa 7 do redeploy Promo_Gifts. Doc: docs/redeploy/REDEPLOY-T7-DEPENDABOT.md (a ser criado)

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 12, 2026

OK, I won't notify you about version 3.8.x again, unless you re-open this PR.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/recharts-3.8.1 branch May 12, 2026 17:49
@adm01-debug adm01-debug mentioned this pull request May 12, 2026
Merged
adm01-debug added a commit that referenced this pull request May 12, 2026
@adm01-debug @claude
docs(redeploy-t7): summary of dependabot PR triage (#157)
2dbb22f 
Tarefa 7 do redeploy. Triagei 7 PRs dependabot abertas há semanas.

Resultado:
- 4 mergeadas: #138, #139, #144, #145 (devtools + CI actions, baixo risco)
- 3 fechadas: #140, #141, #142 (runtime majors com breaking changes)
- 1 issue criada: #155 (tracking dos 3 majors pendentes)

Critério: triagem por RISCO REAL (devtools vs runtime), não por minor/major.

Decisões persistidas em docs/redeploy/REDEPLOY-T7-DEPENDABOT.md:
- Lista completa das 7 PRs com decisão e razão
- Critérios de triagem reutilizáveis
- Achados sobre falsos-positivos (CDN 522 do esm.sh)
- Recomendação de dependabot.yml para reduzir ruído futuro
- Status atualizado do plano de redeploy

Closes part of #155 (T7 do plano)

Co-authored-by: Joaquim (via Claude Code redeploy T2) <joaquim@atomicabr.com.br>
Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@adm01-debug adm01-debug Awaiting requested review from adm01-debug adm01-debug is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adm01-debug