Clean up dependencies in package.json #6

Open
june-tawk wants to merge 1 commit into main from clean-up-packages

june-tawk (Collaborator) commented Feb 18, 2026

Summary by CodeRabbit

  • Chores
    • Reorganized package dependencies and simplified project metadata.

coderabbitai bot commented Feb 18, 2026

Walkthrough

The package.json file has been reorganized to remove public metadata fields and restructure dependencies. Metadata including author, license, repository, and keywords were removed. Dependencies were reorganized with "@ai-sdk/groq" moved to devDependencies, specific dev tools removed, and a new optionalDependencies block added for ioredis and mongodb.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Package Configuration: package.json | Removed public metadata fields (author, license, repository, homepage, bugs, files, keywords) and top-level peerDependencies/peerDependenciesMeta blocks. Reorganized dependencies: moved "@ai-sdk/groq" to devDependencies, removed "@types/express" and "nodemon", and added new optionalDependencies block with ioredis and mongodb. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A hop through the dependencies so neat,
Metadata removed, the config's complete!
Groq now in dev, Redis waits by the door,
Cleaner, leaner package—we couldn't ask for more! 📦✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'Clean up dependencies in package.json' directly summarizes the main change: reorganizing and removing metadata and dependencies from package.json. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
package.json (1)

1-7: ⚠️ Potential issue | 🟠 Major

Restore files and add a license field.

Two important manifest fields were dropped:

  1. files — Without this field, npm publish includes everything not excluded by .npmignore/.gitignore. For a package whose build output lives in dist/, the tarball will unintentionally bundle src/, tests/, e2e scripts, dotenv configs, and any other dev artifacts. Even with publishConfig.access: "restricted", this bloats the tarball and risks exposing internal test fixtures or configuration. At minimum, add:
📦 Restore `files`
   "publishConfig": {
     "access": "restricted"
   },
+  "files": [
+    "dist",
+    "README.md"
+  ],
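Review bot: the "README.md" entry in the added "files" array is redundant, because npm always packs package.json, README and LICENSE files whatever this field says, and the allowlist itself should be verified rather than trusted. Suggest dropping that entry and adding a CI step that runs `npm pack --dry-run` and fails when the listing contains anything outside dist/ and the always-included files, since the exposure named in this comment is dotenv configs and test fixtures ending up in the tarball.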
  2. license — Omitting license causes npm to warn on install and can create ambiguity for internal legal/compliance review. Use "UNLICENSED" for proprietary packages or the appropriate SPDX identifier.
📝 Restore `license`
   "description": "...",
+  "license": "UNLICENSED",
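Review bot: "UNLICENSED" on the added line is easy to confuse with the SPDX identifier "Unlicense", which has the opposite meaning: the former is npm's value for granting no rights, the latter dedicates the code to the public domain. Keep the exact spelling shown in this hunk, and consider a manifest check that rejects "Unlicense" for a package published with restricted access.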
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@package.json` around lines 1 - 7, The package manifest is missing the
top-level "files" and "license" fields; add a "files" array that restricts the
published tarball to the build output (e.g., include "dist/" or "dist/**") to
avoid shipping src/tests/configs, and add a "license" field (e.g., "UNLICENSED"
for proprietary packages or the correct SPDX identifier) next to the existing
"name"/"version"/"publishConfig" entries in package.json for
`@tawk.to/tawk-agents-sdk` so npm publish produces a minimal, compliant package.

Comment on lines +76 to 79
"optionalDependencies": {
"ioredis": "^5.4.2",
"mongodb": "^6.12.0"
}

⚠️ Potential issue | 🟠 Major

optionalDependencies auto-installs ioredis and mongodb for every consumer — revert to peerDependencies + peerDependenciesMeta.

The semantics of optionalDependencies and optional peer dependencies are fundamentally different:

  • optionalDependencies are installed by npm by default; optional peer dependencies declared via peerDependenciesMeta are not auto-installed.
  • Marking a peer dependency as optional in peerDependenciesMeta suppresses install warnings without triggering an auto-install, while optionalDependencies tells npm to proceed even if the package fails to install — but it still attempts installation.

For an SDK that optionally integrates with Redis or MongoDB, optionalDependencies forces ioredis and mongodb onto every downstream consumer regardless of whether they use those features. Both are heavyweight packages (MongoDB driver includes native bindings). This conflicts with the "bring your own adapter" contract that peerDependenciesMeta was designed for.

Restore the previous pattern:

🔧 Revert to `peerDependencies` + `peerDependenciesMeta`
-  "optionalDependencies": {
-    "ioredis": "^5.4.2",
-    "mongodb": "^6.12.0"
-  }
+  "peerDependencies": {
+    "ioredis": "^5.4.2",
+    "mongodb": "^6.12.0"
+  },
+  "peerDependenciesMeta": {
+    "ioredis": {
+      "optional": true
+    },
+    "mongodb": {
+      "optional": true
+    }
+  }
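Review bot: once "ioredis" and "mongodb" are declared only as optional peers in the added lines, npm no longer installs them in this repository either, so the SDK's own build and tests lose both packages unless they are also listed under devDependencies. Suggest adding them there at the same ranges, and confirming that the Redis and MongoDB adapters load these modules lazily with a clear error when a consumer has not installed one, because a top-level import would fail for every consumer who skipped them.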
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@package.json` around lines 76 - 79, Replace the current optionalDependencies
block that lists "ioredis" and "mongodb" with peerDependencies and add
peerDependenciesMeta to mark them optional: remove the "optionalDependencies"
key, add a "peerDependencies" entry including "ioredis" and "mongodb" with the
same semver ranges, and add a "peerDependenciesMeta" entry setting both
"ioredis" and "mongodb" to { "optional": true } so consumers aren't forced to
install these heavy packages while preserving optional peer semantics.
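
A manifest lint covering the findings in the review above (no files allowlist, no license, adapters listed under optionalDependencies), as an added example that is not code from this pull request or from CodeRabbit. The function name auditManifest, the two sample manifests and the 0.0.0 version are constructed for illustration.

```javascript
'use strict';

// Lint a parsed package.json for the issues raised in this review.
function auditManifest(pkg) {
  const findings = [];
  // No "files" allowlist: npm packs everything the ignore files do not exclude.
  if (!Array.isArray(pkg.files) || pkg.files.length === 0) {
    findings.push('files: no allowlist for the published tarball');
  }
  // Missing license: npm warns and usage rights are ambiguous.
  if (typeof pkg.license !== 'string' || pkg.license.trim() === '') {
    findings.push('license: missing');
  }
  // optionalDependencies are still installed by default for every consumer.
  for (const name of Object.keys(pkg.optionalDependencies || {})) {
    findings.push(`optionalDependencies: ${name} is auto-installed`);
  }
  // An optional peer should also state the range the SDK supports.
  const peers = pkg.peerDependencies || {};
  for (const [name, meta] of Object.entries(pkg.peerDependenciesMeta || {})) {
    if (meta && meta.optional === true && !(name in peers)) {
      findings.push(`peerDependenciesMeta: ${name} has no peerDependencies range`);
    }
  }
  return findings;
}

// Constructed sample: the manifest shape the review describes after this PR.
const afterPr = {
  name: '@tawk.to/tawk-agents-sdk',
  version: '0.0.0', // placeholder, not the project's real version
  publishConfig: { access: 'restricted' },
  optionalDependencies: { ioredis: '^5.4.2', mongodb: '^6.12.0' },
};

// Constructed sample: the same manifest with the review's suggestions applied.
const suggested = {
  name: '@tawk.to/tawk-agents-sdk',
  version: '0.0.0', // placeholder
  publishConfig: { access: 'restricted' },
  license: 'UNLICENSED',
  files: ['dist', 'README.md'],
  peerDependencies: { ioredis: '^5.4.2', mongodb: '^6.12.0' },
  peerDependenciesMeta: { ioredis: { optional: true }, mongodb: { optional: true } },
};

console.log(auditManifest(afterPr));
console.log(auditManifest(suggested));
```

In CI the same function can be fed `JSON.parse` of the real package.json and the job failed when the returned array is non-empty.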
