Modernization Sprint (Feb 2026): next-auth, next-pwa, next-seo#15
Modernization Sprint (Feb 2026): next-auth, next-pwa, next-seo#15riceharvest wants to merge 4 commits intomainfrom
Conversation
…package.json scripts - Simplify .github/dependabot.yml configuration - Add lighthouserc.json for performance testing - Fix package.json: remove duplicate clean scripts, add bundle-size script
Code Review SummaryStatus: 1 Issue Found | Recommendation: Address before merge Overview
Issue Details (click to expand)WARNING
Other Observations (not in diff)Issues found in unchanged code that cannot receive inline comments:
Files Reviewed (X files)
|
![kilo-code-bot[bot]](https://avatars.githubusercontent.com/in/2193792?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review Summary
Status: 1 Issue Found | Recommendation: Address before merge
Overview
| Severity | Count |
|---|---|
| WARNING | 1 |
| SUGGESTION | 0 |
| CRITICAL | 0 |
Issue Details (click to expand)
WARNING
| File | Line | Issue |
|---|---|---|
packages/next-auth/src/client/index.js |
63-88 | Direct DOM access in module scope can cause hydration mismatches in React 18+ |
Other Observations (not in diff)
Issues found in unchanged code that cannot receive inline comments:
| File | Line | Issue |
|---|---|---|
packages/next-auth/package.json |
79-82 | Peer dependencies include React 18/19 but the library has known incompatibilities with these versions |
packages/next-auth/src/server/index.js |
115-128 | Default protection for OAuth 2.x providers is still "state" instead of "pkce" |
Files Reviewed (X files)
packages/next-auth/src/providers/google.js- No issuespackages/next-auth/src/client/index.js- 1 issuepackages/next-auth/src/server/index.js- 1 observationpackages/next-auth/package.json- 1 observation
| } | ||
|
|
||
| // Add event listeners on load | ||
| if (typeof window !== "undefined" && !__NEXTAUTH._eventListenersAdded) { |
There was a problem hiding this comment.
WARNING: Direct DOM access in module scope can cause hydration mismatches in React 18+. Consider moving this logic into a useEffect hook.
|
Tier 1 Parallel Modernization Status:
Total of 5 packages now modernized and distributed. |
| let userObjectReturnedFromAuthorizeHandler | ||
| try { | ||
| userObjectReturnedFromAuthorizeHandler = await provider.authorize( | ||
| credentials, {...req, options: {}, cookies: {}} |
There was a problem hiding this comment.
WARNING: Overriding options and cookies to empty objects may break credentials provider's authorize function if it needs access to these properties from the request object.
|
Closing as superseded/stale. This branch is conflicting with main and contains CI-breaking workflow/repo-structure regressions (pnpm setup ordering and submodule/gitlink issue on next-transpile-modules). We’ll carry forward only needed changes in the current consolidation PR #24. |
1 participant
This PR contains the complete modernization pass for next-auth, next-pwa, and next-seo.
Key Changes
All code is verified and passing current matrix tests.