Hypothesis: Outdated Dependencies Cause Performance Regressions
Claim
Outdated dependencies accumulate performance regressions over time through:
- Missing tree-shaking improvements in newer versions
- Duplicated polyfills for features now native to the runtime
- Unoptimized codepaths that newer releases have rewritten
- Missed bundle-size reductions from internal refactors
- Transitive dependency bloat from old sub-dependencies
Testing approach
Upgrade dependencies in order of likely performance impact on the cf-webapp Next.js dashboard (app.codeflash.ai). Build after each batch. Measure bundle size and build time before/after.
Experiment: cf-webapp (2026-04-10)
Baseline
- 46 outdated packages identified via npm outdated
- 16 major version bumps, ~30 semver-compatible patches
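An added example (not code from the cf-webapp repository): one way to derive the two batches from the JSON form of `npm outdated`, treating a change in the leftmost non-zero version component as breaking so that 0.x packages follow caret-range rules. The sample object is constructed (only some version numbers match the page), and `planBatches` and `isBreaking` are hypothetical names.

```javascript
// Constructed sample in the shape `npm outdated --json` emits:
// { "<package>": { current, wanted, latest, ... } }
const SAMPLE = {
  "postcss":        { current: "8.5.6",   wanted: "8.5.9",   latest: "8.5.9" },
  "lucide-react":   { current: "0.563.0", wanted: "0.563.0", latest: "1.8.0" },
  "tailwind-merge": { current: "2.6.0",   wanted: "2.6.1",   latest: "3.5.0" },
  "zod":            { current: "3.25.0",  wanted: "3.25.0",  latest: "4.0.0" },
  "not-installed":  { wanted: "1.0.0", latest: "1.0.0" }, // no `current` field
};

// "1.2.3-beta.1" -> [1, 2, 3]; pre-release tags are ignored for batching.
function parse(version) {
  return version.split(".").slice(0, 3).map((n) => parseInt(n, 10) || 0);
}

// Breaking when the leftmost non-zero component of `from` (or anything
// to its left) changes: 2.6 -> 3.5 and 0.563 -> 1.8 both qualify.
function isBreaking(from, to) {
  const a = parse(from);
  const b = parse(to);
  const first = a.findIndex((n) => n !== 0);
  const last = first === -1 ? 2 : first;
  for (let k = 0; k <= last; k++) {
    if (a[k] !== b[k]) return true;
  }
  return false;
}

// Split into an in-range batch (low risk, apply first) and a breaking
// batch (apply one at a time, expect migration fixes). A package can appear
// in both when an in-range update and a newer major exist.
function planBatches(outdated) {
  const plan = { compatible: [], breaking: [] };
  for (const [name, info] of Object.entries(outdated)) {
    if (!info.current) continue; // missing from node_modules, nothing to compare
    if (info.wanted !== info.current && !isBreaking(info.current, info.wanted)) {
      plan.compatible.push(`${name}@${info.wanted}`); // exact pin, not a range
    }
    if (isBreaking(info.current, info.latest)) {
      plan.breaking.push(`${name}@${info.latest}`);
    }
  }
  return plan;
}

console.log(JSON.stringify(planBatches(SAMPLE), null, 2));
```

Each entry is an exact `name@version` spec, so a batch is reproducible when passed to `npm install`; running `npm audit` after each batch gives the vulnerability count recorded per round.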
Round 1 — Semver-compatible patches (~30 packages)
React 19.2.5, Sentry 10.48.0, Radix UI patches, PostCSS 8.5.9, auth0 4.17.0, etc.
- Result: Build passes, 0 vulnerabilities
Round 2 — Major version upgrades (performance-impactful)
- posthog-js 1.127 → 1.367 (analytics SDK, loads every page)
- lucide-react 0.563 → 1.8 (icon library, v1 tree-shaking rewrite; required Github → GitFork rename — brand icons removed)
- tailwind-merge 2.6 → 3.5 (used in every cn() call, v3 smaller/faster runtime)
- marked 16.4 → 18.0 (markdown parser)
- react-markdown 9.1 → 10.1 (required removing className prop — dropped in v10)
- prettier 3.2 → 3.8, lint-staged 15 → 16, posthog-node 4 → 5
- Result: Build passes after migration fixes
Deferred (high migration cost)
- tailwindcss 3 → 4 (complete CSS framework rewrite)
- prisma 6 → 7 (database client API changes)
- zod 3 → 4 (validation API changes)
- typescript 5 → 6 (type system changes)
Measurements
TODO: Run ANALYZE=true npm run build before/after to capture concrete bundle size deltas.