build(deps-dev): bump @babel/core from 7.29.7 to 8.0.1 in /mobile-app#1550
build(deps-dev): bump @babel/core from 7.29.7 to 8.0.1 in /mobile-app#1550dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.29.7 to 8.0.1. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v8.0.1/packages/babel-core) --- updated-dependencies: - dependency-name: "@babel/core" dependency-version: 8.0.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Code Review — bottube PR #1550Reviewer: @daviediao-code AssessmentReviewed PR #1550 (build(deps-dev): bump @babel/core from 7.29.7 to 8) for correctness and security. Findings
Suggestions:
VerdictSolid PR. Approved with minor observations. Reviewed per Bounty #73 Code Review criteria |
|
Holding this one for a manual check, not auto-merging. |
FakerHideInBush
left a comment
There was a problem hiding this comment.
This upgrades @babel/core from ^7.20.0 to ^8.0.1 — a major version boundary with several breaking changes that need verification before merging:
1. Babel 8 drops Node.js 14 and 16 support
@babel/core 8.x requires Node.js 18 or later. If any CI job, Docker build step, or developer environment still uses Node 14 or 16, the install will fail or produce undefined behavior. Confirm that engines in package.json, the Node version pinned in CI (.github/workflows/), and any Dockerfile all specify Node ≥ 18 before landing this bump.
2. Plugin and preset API changes in Babel 8
Babel 8 changed several internal APIs used by plugins and presets. Notable breaking changes include the removal of @babel/plugin-proposal-* packages (these merged into @babel/plugin-transform-*), and changes to how configuration files are resolved. If mobile-app depends on any Babel 7 proposal plugins (either directly or via a preset like babel-preset-expo or metro-react-native-babel-preset), those presets may not be compatible with @babel/core 8.x yet. Run the Metro bundler and the full test suite after applying this bump to confirm no Unknown option or Cannot find module errors appear.
3. @babel/core 8.x and React Native Metro compatibility
React Native's Metro bundler pins its own Babel dependency range. The project uses metro-react-native-babel-preset (implied by the react-native devDependency tree). As of mid-2025 this preset has not published a Babel 8-compatible release. Installing @babel/core@^8.0.1 alongside an incompatible preset will cause peer-dependency conflicts or a silent build regression. Check npm ls @babel/core after install to confirm only one copy is resolved and no peer warnings appear.
Bumps @babel/core from 7.29.7 to 8.0.1.
Release notes
Sourced from @babel/core's releases.
... (truncated)
Changelog
Sourced from @babel/core's changelog.
... (truncated)
Commits
b4be199v8.0.1b68b1cbActually removepreset-env'suseBuiltIns(#18079)de007eaAvoid trailing zeroes in Babel 9 generated version (#18078)7dc825av8.0.0b71c35aperf: Only extract source map comments at the end of the file (#18039)e74b70dchore: Remove unused file (#18033)ae57969chore: consolidate upwards traversal to empathic (#18030)827d003Change jestsnapshotFormat(#18029)34cf24eUpdate deps (#18023)73bceefv8.0.0-rc.6Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)