Major upgrades for AI & Custom Apps samples (runtimes + framework majors)#254
Open
dluces wants to merge 10 commits into
Open
Major upgrades for AI & Custom Apps samples (runtimes + framework majors)#254dluces wants to merge 10 commits into
dluces wants to merge 10 commits into
Conversation
…acts tooling - webhook: express 4->5, replace body-parser with express.json(), engines node>=22 - shared tooling: browser-smoke --screenshot, Save-HttpArtifact helper Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- express 4->5, @types/express 4->5, engines node>=22 - Dockerfile base node:20-alpine -> node:22-alpine - validate-sample: capture /health HTTP artifact - Routes use fixed paths; Express 5 compatible; tsc build clean Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- vite 5->8, @vitejs/plugin-react-swc 3->4 - react/react-dom 18->19, @types/react(-dom) 19 - validate-sample: capture render screenshot - build + lint + preview + browser smoke pass Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- react/react-dom 18->19, @types/react(-dom) 19 on existing Vite 8 - validate-sample: capture render screenshot - build + lint + preview + browser smoke pass Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- TargetFramework net8.0 -> net10.0 - EF Core (SqlServer/Design/Tools) + Extensions.Caching.SqlServer 8.0.16 -> 10.0.0 - AspNetCore.Authentication.Certificate/JwtBearer/OpenIdConnect 8.0.16 -> 10.0.0 - VS.Web.CodeGeneration.Design 8.0.7 -> 10.0.0 - Microsoft.Graph kept at 4.31.0 (no known vuln; v5 is a large runtime-unverifiable rewrite without tenant/SQL config) - documented exception - validate-sample: capture landing HTTP artifact when appsettings present - Build succeeds on net10; runtime remains SKIP_CONFIG (no tenant/SQL) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…AL v3, TS 5 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
… MSAL v4, MGT v4 Also fixes MSAL v4 requirement to call initialize() before token acquisition. Legacy net461 Functions csproj documented as follow-up; authoritative Functions impl is JS. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Bump next-themes 0.3->0.4 and vaul 0.9->1.1 (React 19 support); add .npmrc legacy-peer-deps=true so clean npm install resolves remaining shadcn transitive peers (react-day-picker@8). Regenerated lockfiles. Both validate-sample.ps1 now PASS from a clean install. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…lidation artifacts) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Major upgrades for AI & Custom Apps samples (runtimes + framework majors)
Follow-up to the recent minor/vulnerability-only pass, this PR applies the deferred major upgrades across all eight runnable sample apps under
AI/andCustom Apps/. The goal was to move each sample onto current runtimes (Node 22 LTS, .NET 10) and framework majors (Express 5, React 19, Vite, MSAL/MGT v4) — making code changes where the majors required them — while keeping every app building and running. Each app has avalidate-sample.ps1that was run after every change; the final results and validation artifacts are below.Per-app upgrades
body-parserwith built-inexpress.json();engines.node >= 22engines.node >= 22; Dockerfilenode:20-alpine→node:22-alpine.npmrc(legacy-peer-deps) for shadcn transitive peers.npmrc(legacy-peer-deps)initialize();require→ ESM import; React 19 JSX typingREACT_APP_*→import.meta.env.VITE_*; Azure Functions v4 kept.js→.jsx;createRoot; MSALinitialize()fix;REACT_APP_*→VITE_*Final validation results
Run each with
pwsh -NoProfile -File "<app>/validate-sample.ps1"from the repo root./healthruntime smokefuncnot installed)funcnot installed)Validation artifacts — HTTP transcripts (background/API samples)
webhook — POST
/webhook?validationToken=…:mcp-server — GET
/health:AI/ocr — backend GET
/api/echo:Validation artifacts — screenshots (UI samples)
Per the upgrade plan, no validation assets are committed to the repo (everything under
.validation/is git-ignored). Screenshots were captured during the final validation run for each UI app and are staged uncommitted in the working tree under each app's.validation/screenshots/(curated copies under.validation/_pr-assets/<app>/screenshot.png):#rootmounted, no console errors).legal-docs

AI/ocr

project-management

boilerplate-react-azurefunction

boilerplate-typescript-react

How to reproduce
`pwsh
from repo root, per app:
pwsh -NoProfile -File "/validate-sample.ps1"
`
.NETsample requires the .NET 10 SDK.VALIDATION_NODE_COMMANDto override the node binary if needed.func) to exercise the Functions runtime; without it, builds/typechecks still run and the Functions runtime portion reportsSKIP_CONFIG.Documented exceptions
MSGraphService.cs+ interface + controllers). 4.31.0 has no known vulnerability and builds on .NET 10. Because the aspnet runtime can't be verified here (no tenant/SQL), the Graph major was deferred as a documented follow-up while the .NET 10 / EF Core 10 / Auth 10 upgrade landed.funcCore Tools is not installed in the validation environment, so the Functions host isn't started. Builds/typechecks still pass.net461Functions project (boilerplate-react-azurefunction): the authoritative Functions implementation is the JavaScript package (function.json+index.js); the legacyRaaSSampleFunctionApi.csproj(net461) is retained for a follow-up migration and is not built here.node:22-alpinebut the image build was not exercised.Risk & rollback notes
next-themes/vaulto their React-19 releases plus a committed.npmrc(legacy-peer-deps=true) so clean installs are deterministic..env,local.settings.json,appsettings.json, tenant identifiers, or validation assets are committed. HTTP transcripts above were reviewed and contain no tokens or tenant data.