Monorepo for Aesthetic.Computer
aesthetic.computer
1# Dependency Update Tracking
2
3_Last Updated: June 2025_
4
5This file tracks dependency versions and updates across the aesthetic-computer project.
6
7---
8
9## 📦 system/package.json (Node Dependencies)
10
11Updated via `npx ncu -u` on June 2025:
12
13| Package | Previous | Updated | Notes |
14|---------|----------|---------|-------|
15| @aws-sdk/client-s3 | 3.932.0 | 3.975.0 | Minor AWS SDK update |
16| @aws-sdk/s3-request-presigner | 3.932.0 | 3.975.0 | Minor AWS SDK update |
17| netlify-cli | 23.13.0 | 23.13.5 | Patch update |
18| openai | 6.9.0 | 6.16.0 | Minor update |
19| playwright-core | 1.56.0 | 1.58.0 | Minor update |
20| puppeteer-core | 24.30.0 | 24.36.0 | Minor update |
21| redis | 5.9.0 | 5.10.0 | Minor update |
22| stripe | 19.3.1 | 20.2.0 | **⚠️ MAJOR UPDATE** - Review changelog! |
23| three | 0.181.0 | 0.182.0 | Minor update |
24
25### Action Taken ✅
26- [x] Run `npm install` in `/workspaces/aesthetic-computer/system`
27- [x] Review Stripe 20.x breaking changes: https://github.com/stripe/stripe-node/releases
28
29### Stripe 19→20 Migration Notes
30The v20 breaking changes are **LOW IMPACT** for this project:
31- V2 API array serialization changes - Only affects `/v2` endpoints (not used here)
32- V2 Event namespace moves - Not using V2 events
33- Node.js 16+ required - Already on Node 20+
34
35Usage locations reviewed:
36- `system/netlify/functions/email.js` - customers.search, customers.update
37- `system/netlify/functions/print.js` - checkout.sessions, webhooks, refunds
38- `system/netlify/functions/gives.mjs` - sessions.list, subscriptions.list
39- `system/netlify/functions/mug.js` - checkout.sessions, webhooks
40
41All use standard v1 APIs unaffected by v20 breaking changes.
42
43---
44
45## 📁 /dep Folder (Vendored Client Libraries)
46
47These are manually copied client-side dependencies in `system/public/aesthetic.computer/dep/`:
48
49| Library | Vendored Version | Latest | Status | Notes |
50|---------|-----------------|--------|--------|-------|
51| **three.js** | **0.182.0** | 0.182.0 | ✅ **UPDATED** | Updated from r145 (June 2025) |
52| aframe | v1.3.0 | 1.6.0+ | ⚠️ Outdated | Check compatibility |
53| auth0-spa-js | 2.1.2 | 2.1.4+ | ✅ Close | Minor updates only |
54| geckos.io-client | 2.3.2, 3.0.2 | 3.x | ✅ OK | Both versions present |
55| web3 | Unknown (minified) | 4.x | ❓ Check | Version hard to determine |
56| gl-matrix | Unknown | 3.4.3 | ❓ Check | Version hard to determine |
57| jszip | Unknown (minified) | 3.10.1 | ❓ Check | |
58| nanoid | Unknown | 5.x | ❓ Check | |
59| idb.js | Unknown | 8.x | ❓ Check | |
60
61### /dep Subfolders
62- `@akamfoad/` - Custom/fork dependency
63- `@mediapipe/` - MediaPipe vision models
64- `ffmpeg/` - WASM FFmpeg
65- `gif/`, `gifenc/` - GIF encoding
66- `gpt3-tokenizer/` - GPT tokenizer
67- `sm/` - Unknown
68- `tasks-vision/` - MediaPipe tasks
69- `wasmboy/` - GameBoy emulator
70- `webpxmux/` - WebP muxer
71
72### Three.js Update ✅ COMPLETED
73The vendored Three.js has been updated from r145 to 0.182.0.
74
75**Files updated:**
76- `three.core.js` (1.4MB) - New modular core
77- `three.module.js` (631KB) - ES module entry
78- All addon files with fixed import paths (`from './three.module.js'`)
79
80**Action Required:**
81- [ ] Test 3D pieces thoroughly (use `3d.mjs` or similar pieces)
82
83---
84
85## 🐳 Dockerfile (CLI Tool Versions)
86
87Located at `/workspaces/aesthetic-computer/Dockerfile`:
88
89| Tool | Pinned Version | Latest | Status |
90|------|---------------|--------|--------|
91| Fedora | latest | latest | ✅ OK |
92| Deno | v2.6.6 | 2.6.x | ✅ **UPDATED** |
93| Stripe CLI | v1.34.0 | 1.34.x | ✅ **UPDATED** |
94| redli | v0.15.0 | 0.15.x | ✅ OK |
95| mkcert | v1.4.4 | 1.4.4 | ✅ OK |
96| doctl | 1.149.0 | 1.149.x | ✅ **UPDATED** |
97| Node (fnm) | lts-jod + 20.5.0 | 22.x LTS | ⚠️ Consider update |
98| SmartPy | 0.22.0 | 0.23.x+ | ⚠️ Check |
99| pytezos | >=3.9.0,<4 | 3.x | ✅ OK |
100| Octez | v20.3-1 | v21.x+ | ⚠️ Check |
101
102### Action Taken ✅
103- [x] Update Stripe CLI: v1.30.0 → v1.34.0
104- [x] Update doctl: 1.109.0 → 1.149.0
105- [x] Update Deno: v2.4.5 → v2.6.6
106
107### Action Required
108- [ ] Rebuild devcontainer to apply Dockerfile changes
109- [ ] Consider Node.js 22 LTS upgrade
110
111---
112
113## 📝 entry.fish (Startup Script)
114
115The 818-line startup script at `/workspaces/aesthetic-computer/entry.fish` handles:
116- Environment setup
117- Tool installation
118- Service initialization
119
120No pinned versions found in script - versions come from Dockerfile or package managers.
121
122---
123
124## 🔄 Update Procedures
125
126### For package.json dependencies:
127```bash
128cd /workspaces/aesthetic-computer/system
129npm install
130npm test # Run tests to verify
131```
132
133### For /dep vendored libraries:
1341. Download new version from source
1352. Replace files in `/dep/<library>/`
1363. Test affected pieces thoroughly
1374. Update this tracking document
138
139### For Dockerfile:
1401. Update version in Dockerfile
1412. Rebuild devcontainer: `devcontainer rebuild`
1423. Test all tools work correctly
143
144---
145
146## ⚠️ Known Issues
147
1481. **Three.js Version Mismatch**: `/dep/three/` is r145, package.json is 0.182.0
149 - Potential incompatibility if both are used
150 - 37+ releases of bug fixes and features missing
151
1522. **Stripe Major Update**: 19.x → 20.x may have breaking API changes
153 - Review: https://github.com/stripe/stripe-node/blob/master/CHANGELOG.md
154
155---
156
157## � Security Audit (system/package.json)
158
159After `npm install`, 31 vulnerabilities reported (20 low, 3 moderate, 8 high).
160
161Most vulnerabilities stem from blockchain/wallet dependencies:
162- `elliptic` - Cryptographic primitive issues
163- `@taquito/*` - Tezos SDK chain
164- `@walletconnect/*` - WalletConnect chain
165- `@airgap/beacon-*` - Beacon wallet chain
166
167**Note**: These are in the Tezos integration and may require major version upgrades to fix.
168
169---
170
171## 📅 Update History
172
173| Date | Changes |
174|------|---------|
175| 2025-06 | Initial dependency audit, package.json updates via ncu, npm install completed |
176