From b8989af3ec4f562afd1dcdd9528bd62d07a26a71 Mon Sep 17 00:00:00 2001 From: "John R. D'Orazio" Date: Tue, 16 Jun 2026 11:10:15 -0400 Subject: [PATCH] chore(deps): group @tiptap/* updates so peer-dep-coupled bumps land together PRs #211 and #213 sat open with failing CI because Dependabot raises one PR per package and tiptap's internal peer-dep structure forces lockstep version bumps: npm ERESOLVE could not resolve While resolving: @tiptap/react@3.26.0 Found: @tiptap/core@3.26.1 peer @tiptap/core@"3.26.0" from @tiptap/react@3.26.0 @tiptap/pm@3.26.1 and @tiptap/starter-kit@3.26.1 individually pull in @tiptap/core@3.26.1, which conflicts with @tiptap/react@3.26.0's peer requirement on core@3.26.0 exact. Bumped together they install cleanly. Adds a `tiptap` group matching `@tiptap/*` so future minor/patch bumps arrive as a single bundled PR that npm install accepts the first time. Doesn't fix the current open #211/#213 (their existing PRs need closing or Dependabot will recreate the group on next weekly run, leaving the old ones to be closed manually). Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/dependabot.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 05a7337..705825a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,6 +4,17 @@ updates: directory: "/" schedule: interval: "weekly" + # Group co-coupled packages so per-package PRs don't fail npm install + # on peer-dependency conflicts. Concrete failure that motivated this: + # @tiptap/pm@3.26.1 and @tiptap/starter-kit@3.26.1 individually + # conflict with @tiptap/react@3.26.0's peer-dep requirement on + # @tiptap/core@3.26.0 (npm ERESOLVE) — but bumped together they + # install cleanly. PRs #211 and #213 sat open with failing CI for + # this reason. + groups: + tiptap: + patterns: + - "@tiptap/*" - package-ecosystem: "github-actions" directory: "/"