Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@
"clsx": "^2.0.0",
"geist": "^1.7.0",
"prism-react-renderer": "^2.3.0",
"react": "19.2.4",
"react": "19.2.5",
"react-dom": "19.2.4"

Check warning on line 32 in docs/package.json

View check run for this annotation

Claude / Claude Code Review

react and react-dom version mismatch

This PR bumps `react` to 19.2.5 but leaves `react-dom` at 19.2.4, creating a version mismatch that is explicitly unsupported by the React team. The fix is to also bump `react-dom` to 19.2.5 in `docs/package.json`.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 react-dom not bumped alongside react

react and react-dom are tightly coupled and must always be at the same version — the React team publishes them together. This PR bumps react to 19.2.5 but leaves react-dom pinned at 19.2.4, creating a version mismatch. While the lockfile resolves react-dom@19.2.4(react@19.2.5) and may work at the patch level, this is contrary to React's own guidance and could cause subtle runtime issues (e.g. mismatched internal shared state, concurrent mode behavior, event delegation differences).

Suggested change
"react-dom": "19.2.4"
"react-dom": "19.2.5"
Prompt To Fix With AI
This is a comment left during a code review.
Path: docs/package.json
Line: 32

Comment:
**`react-dom` not bumped alongside `react`**

`react` and `react-dom` are tightly coupled and must always be at the same version — the React team publishes them together. This PR bumps `react` to 19.2.5 but leaves `react-dom` pinned at 19.2.4, creating a version mismatch. While the lockfile resolves `react-dom@19.2.4(react@19.2.5)` and may work at the patch level, this is contrary to React's own guidance and could cause subtle runtime issues (e.g. mismatched internal shared state, concurrent mode behavior, event delegation differences).

```suggestion
    "react-dom": "19.2.5"
```

How can I resolve this? If you propose a fix, please make it concise.

Comment on lines +31 to 32

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 This PR bumps react to 19.2.5 but leaves react-dom at 19.2.4, creating a version mismatch that is explicitly unsupported by the React team. The fix is to also bump react-dom to 19.2.5 in docs/package.json.

Extended reasoning...

What the bug is and how it manifests

docs/package.json specifies react at 19.2.5 while react-dom remains pinned at 19.2.4. The React team explicitly requires react and react-dom to be on the same version — this is a documented requirement enforced through peer dependencies. Mixing versions can cause hydration failures, warnings like "react-dom is not compatible with this version of React", or other subtle runtime errors.

The specific code path that triggers it

In docs/package.json (lines 31–32):

"react": "19.2.5",
"react-dom": "19.2.4"

The lock file confirms the mismatch is real and was resolved: react-dom@19.2.4(react@19.2.5) — meaning react-dom 19.2.4 is installed against react 19.2.5.

Why existing code doesn't prevent it

Dependabot only bumped the react dependency and did not update react-dom in the same PR. pnpm resolved the combination without emitting a hard error because react-dom declares react as a peer dependency with a permissive range (e.g., >=15), not an exact version match. This means the mismatch silently passes the install step even though it violates the React team's release contract.

What the impact would be

While this is a docs-only Docusaurus site and the react 19.2.5 change (RSC cycle protections) is unlikely to directly affect react-dom behavior, the version mismatch is a policy violation. In practice it may cause no visible issues on this patch bump, but it sets a precedent for version drift and could trigger warnings or subtle differences in future patch releases.

How to fix it

Update react-dom to 19.2.5 in docs/package.json and regenerate the lock file:

"react": "19.2.5",
"react-dom": "19.2.5"

Then run pnpm install to update the lock file.

Step-by-step proof

  1. Open docs/package.jsonreact is 19.2.5 (changed by this PR), react-dom is 19.2.4 (not changed).
  2. Open docs/pnpm-lock.yaml — the react-dom specifier entry still reads specifier: 19.2.4 and the snapshot key is react-dom@19.2.4(react@19.2.5), confirming react-dom 19.2.4 is installed alongside react 19.2.5.
  3. The React team's own documentation states react and react-dom must be on the same version.
  4. Conclusion: this PR is incomplete — it should have also bumped react-dom to 19.2.5.

},
"devDependencies": {
"@docusaurus/module-type-aliases": "3.9.2",
Expand Down
Loading
Loading