fix: update antfu config to version 5

[ixartz]

Summary by CodeRabbit

• Chores

  • Upgraded many runtime and dev dependencies to newer patch/minor releases to improve stability, security, build speed, and compatibility.

• Tests

  • Updated testing, linting, and Storybook tooling and bumped test runner container image to the latest patch for more reliable E2E/unit runs and accessibility checks.

• Documentation

  • Removed external hyperlink to CodeRabbit in README; now references CodeRabbit as plain text.

No breaking changes expected for typical usage.

[railway-app]

🚅 Environment Next-js-Boilerplate-pr-471 in Next.js Boilerplate has no services deployed.

[coderabbitai]

Warning

Rate limit exceeded

@ixartz has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 11 minutes and 59 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 3174568 and 45800cb.

📒 Files selected for processing (2)

• .github/workflows/CI.yml (3 hunks)
• src/middleware.ts (1 hunks)

Walkthrough

This PR bumps many runtime and dev dependency versions in the root package.json, updates Playwright Docker image tags in the CI workflow, and replaces a linkified "CodeRabbit" in README.md with plain text.

Changes

Cohort / File(s)	Summary of changes
Runtime dependencies package.json	Bumped runtime deps: @arcjet/next ^1.0.0-beta.10→^1.0.0-beta.12, @clerk/localizations ^3.22.0→^3.25.3, @clerk/nextjs ^6.31.3→^6.32.2, @hookform/resolvers ^5.2.1→^5.2.2, @logtape/logtape ^1.0.4→^1.1.1, drizzle-orm ^0.44.4→^0.44.5, next ^15.5.0→^15.5.4, next-intl ^4.3.4→^4.3.9, posthog-js ^1.260.1→^1.268.3, react-hook-form ^7.62.0→^7.63.0, zod ^4.0.17→^4.1.11
Dev dependencies & tooling package.json	Bumped dev/tooling deps: @antfu/eslint-config ^4.19.0→^5.4.1, @chromatic-com/playwright ^0.12.6→^0.12.7, @electric-sql/pglite-socket ^0.0.12→^0.0.15, @eslint-react/eslint-plugin ^1.52.6→^1.53.1, @faker-js/faker ^9.9.0→^10.0.0, @lingual/i18n-check ^0.8.5→^0.8.7, @next/bundle-analyzer ^15.5.0→^15.5.4, @next/eslint-plugin-next ^15.5.0→^15.5.4, @playwright/test ^1.54.2→^1.55.1, Storybook packages ^9.1.2→^9.1.8, @tailwindcss/postcss ^4.1.12→^4.1.13, @types/node ^24.3.0→^24.5.2, @types/react ^19.1.10→^19.1.13, @vitejs/plugin-react ^4.7.0→^5.0.3, checkly ^6.4.0→^6.5.0, eslint ^9.33.0→^9.36.0, eslint-plugin-format ^1.0.1→^1.0.2, eslint-plugin-react-refresh ^0.4.20→^0.4.21, eslint-plugin-storybook ^9.1.2→^9.1.8, knip ^5.62.0→^5.64.0, lefthook ^1.12.3→^1.13.4, semantic-release ^24.2.7→^24.2.9, tailwindcss ^4.1.12→^4.1.13, typescript ^5.8.3→^5.9.2
CI workflow .github/workflows/CI.yml	Updated Playwright Docker image tag from v1.54.0 to v1.55.0 in unit, storybook, and E2E test jobs.
Documentation README.md	Replaced linkified CodeRabbit mentions with plain text CodeRabbit (two occurrences).

Sequence Diagram(s)

(omitted — changes are dependency and CI image updates without new runtime control flow)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• fix: update to Next.js 15.5 #452 — Broad dependency bumps overlapping many of the same packages (Next.js, Clerk, PostHog, Zod, etc.).
• Storybook9 #414 — Also updates the Playwright Docker image tag in the CI workflow.
• chore: update dependencies to the latest version #410 — Overlapping dependency/version updates and Playwright-related config changes.

Poem

"I hopped through package trees with care,
Tuned the versions, bit by hair.
Swapped a CI image, tidied a read —
Tiny fixes for code to speed. 🥕🐇"

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "fix: update antfu config to version 5" is a short, single sentence that clearly highlights the primary change (upgrading @antfu/eslint-config to v5) which is present in the changeset; it is concise and specific enough for a reviewer to understand the main intent even though additional dependency bumps occur in the PR.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
next-js-boilerplate	Ready	Preview	Comment	Sep 24, 2025 2:23pm

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f88aa6a and 4ffc74b.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Build with 22.x
• GitHub Check: Build with 24.x

🔇 Additional comments (1)

package.json (1)

52-99: Antfu ESLint config v5 — verified

eslint.config.mjs imports '@antfu/eslint-config' and exports default antfu(...); package.json has eslint ^9.36.0; no legacy .eslintrc.* files found. Expect rule churn — run eslint --fix locally and in CI.

[coderabbitai]

⚠️ Potential issue

🧩 Analysis chain

Runtime bumps look sane; check peer compatibility (Vite-related)

• Next 15.5.4 + React 19.1.1 + next-intl 4.3.9 + Clerk and drizzle patches are consistent.
• Potential gap: @vitejs/plugin-react@5 and vitest@3 expect Vite ^5 as a peer. I don’t see a direct "vite" devDependency. If Storybook doesn’t hoist Vite, Vitest may warn/fail.

Run this to verify Vite presence and relevant config:

If missing, consider adding:

• devDependency: "vite": "^5.x"
• Keep @vitejs/plugin-react aligned with Vite’s major.

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "• Checking for Vite dependency in package.json"
rg -nP '"vite"\s*:' package.json || echo "  (no direct vite dep found)"

echo
echo "• Looking for Vite config files"
fd -HI --regex '(^|/)vite\.config\.(js|cjs|mjs|ts|mts)$' -t f | sed 's/^/  - /' || true

echo
echo "• Checking Storybook framework selection"
rg -nP '@storybook/nextjs-vite' -C2 .storybook || echo "  (no explicit nextjs-vite framework reference found)"

Length of output: 972

---

Add Vite as a devDependency (Vite v5) — package.json missing 'vite' while Storybook uses nextjs-vite

package.json has no direct "vite" dependency; .storybook/main.ts references "@storybook/nextjs-vite". If Vite isn't hoisted, @vitejs/plugin-react@5 and vitest@3 (peers requiring Vite ^5) will warn/fail. Add devDependency "vite": "^5.x" and align @vitejs/plugin-react / vitest versions to Vite's major. Affected: package.json, .storybook/main.ts.

🤖 Prompt for AI Agents

In package.json around lines 34 to 49, add Vite as a devDependency (e.g. "vite":
"^5.x") because .storybook/main.ts uses "@storybook/nextjs-vite" and peer deps
like @vitejs/plugin-react@5 and vitest@3 require Vite v5; update or align
@vitejs/plugin-react and vitest versions in devDependencies to match Vite's
major (v5) and ensure lockfile is updated (run install) so Storybook and test
tooling resolve without peer warnings; also confirm .storybook/main.ts remains
configured for nextjs-vite.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

.github/workflows/CI.yml (3)

131-133: Keep Playwright image tags consistent across jobs (use v1.55.1 here too).

Mirror the unit-test change for Storybook tests.

Apply:

-        uses: docker://mcr.microsoft.com/playwright:v1.55.0
+        uses: docker://mcr.microsoft.com/playwright:v1.55.1

---

157-159: Bump Playwright image for E2E to v1.55.1 for parity with dev dependency.

Consistency avoids subtle browser/driver mismatches.

Apply:

-        uses: docker://mcr.microsoft.com/playwright:v1.55.0
+        uses: docker://mcr.microsoft.com/playwright:v1.55.1

---

159-159: Typo: “Firebox” → “Firefox”.

Minor comment fix.

Apply:

-          args: sh -c "HOME=/root npm run test:e2e" # Set HOME to /root to avoid Playwright error with Firebox
+          args: sh -c "HOME=/root npm run test:e2e" # Set HOME to /root to avoid Playwright error with Firefox

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fedc23e and 3174568.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• .github/workflows/CI.yml (3 hunks)
• README.md (1 hunks)
• package.json (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• README.md
• package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Run unit tests (22.x)
• GitHub Check: Run E2E tests (22.x)
• GitHub Check: Run Storybook (22.x)

🔇 Additional comments (1)

.github/workflows/CI.yml (1)

103-105: Don't bump Playwright Docker image to v1.55.1 — tag not published

mcr.microsoft.com/playwright:v1.55.1 is not available; keep docker://mcr.microsoft.com/playwright:v1.55.0 (or use :v1.55.0-jammy to pin OS) and only change the workflow once an official :v1.55.1 image is released.

File: .github/workflows/CI.yml (lines 103–105)

Likely an incorrect or invalid review comment.

[codecov]

Codecov Report

❌ Patch coverage is 0% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 5.71%. Comparing base (f88aa6a) to head (45800cb).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
src/middleware.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff            @@
##            main    #471      +/-   ##
========================================
- Coverage   5.72%   5.71%   -0.01%     
========================================
  Files         45      45              
  Lines       1538    1539       +1     
  Branches      45      45              
========================================
  Hits          88      88              
- Misses      1422    1423       +1     
  Partials      28      28              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

🎉 This PR is included in version 5.1.11 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀