fix: detect stale Pro migration module specifiers

[justin808]

Summary

• detect stale react-on-rails package references in Jest-style mock helpers during Pro migrations
• detect TypeScript declare module 'react-on-rails' augmentations so doctor catches another silent migration leftover
• cover both cases in doctor specs

Refs #3104

Test Plan

• bundle exec rspec react_on_rails/spec/lib/react_on_rails/doctor_spec.rb:2533 react_on_rails/spec/lib/react_on_rails/doctor_spec.rb:2552
• bundle exec rubocop react_on_rails/lib/react_on_rails/doctor.rb react_on_rails/spec/lib/react_on_rails/doctor_spec.rb
• git diff --check

---

Note

Low Risk
Low risk: expands react_on_rails:doctor static scanning regexes and adds specs; no runtime rendering/auth logic changes.

Overview
Improves Pro migration diagnostics in react_on_rails:doctor. The base-package reference scan now also flags Jest/Vitest-style mock calls (e.g., jest.mock('react-on-rails')) and TypeScript declare module 'react-on-rails' blocks, catching migration leftovers that previously slipped past import/require detection.

Adds regression coverage for both new patterns, and documents the fix in the changelog.

^{Reviewed by Cursor Bugbot for commit fa3c407. Bugbot is set up for automated code reviews on this repo. Configure here.}

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[coderabbitai]

Warning

Rate limit exceeded

@justin808 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 3 minutes and 23 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a290cc79-b3b4-4463-b65f-e4ea78095d65

📥 Commits

Reviewing files that changed from the base of the PR and between f25cde3 and fa3c407.

📒 Files selected for processing (3)

• CHANGELOG.md
• react_on_rails/lib/react_on_rails/doctor.rb
• react_on_rails/spec/lib/react_on_rails/doctor_spec.rb

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/doctor-pro-module-specifiers

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/8 reviews remaining, refill in 3 minutes and 23 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR extends the check_base_package_imports doctor check to detect two additional stale-module-specifier patterns that survive a migration from react-on-rails to react-on-rails-pro: Jest/Vitest mock calls (jest.mock('react-on-rails', ...)) and TypeScript ambient module declarations (declare module 'react-on-rails' { … }). Both patterns are covered by well-formed regex constants and backed by new RSpec contexts that exercise the detection end-to-end.

Confidence Score: 4/5

Safe to merge; the only finding is a P2 wording improvement to the warning message.

No logic errors or regressions introduced. The two new regex patterns are correct and the tests validate them. The only concern is a P2: the existing warning message and fix suggestion are framed around import/require patterns and don't give accurate guidance for the newly-detected mock-call and declare module cases.

react_on_rails/lib/react_on_rails/doctor.rb — warning message wording should be updated to mention mock/declare-module patterns.

Important Files Changed

Filename	Overview
react_on_rails/lib/react_on_rails/doctor.rb	Adds two new regex constants and extends the file-content guard to detect jest.mock-style calls and TypeScript declare module augmentations that still reference the base react-on-rails package after a Pro migration; warning message wording not updated to cover the new patterns.
react_on_rails/spec/lib/react_on_rails/doctor_spec.rb	Adds two new test contexts for the mock-call pattern and the declare module pattern; tests set up temp directories correctly and assert the expected warning is produced.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[check_base_package_imports] --> B[resolve_js_source_path]
    B --> C[Glob js/jsx/ts/tsx files]
    C --> D{File content matches?}
    D -->|import from react-on-rails| E[files_with_base_import << file]
    D -->|require react-on-rails| E
    D -->|jest.mock react-on-rails NEW| E
    D -->|declare module react-on-rails NEW| E
    D -->|no match| F[next file]
    E --> G{Any files collected?}
    G -->|yes| H[add_warning with file list]
    G -->|no| I[add_success]

Loading

Comments Outside Diff (1)

1. react_on_rails/lib/react_on_rails/doctor.rb, line 2779-2789 (link)

   Warning message doesn't cover newly-detected patterns

   The warning message and its fix suggestion are still written entirely in terms of ES module imports (import … from) and CommonJS requires (require(...)). The two new patterns — jest.mock('react-on-rails', ...) and declare module 'react-on-rails' { … } — will now be flagged, but the suggested fix ("Update imports to use 'react-on-rails-pro'") is misleading for those cases: a test-mock call should be changed to jest.mock('react-on-rails-pro', ...), and a declare module augmentation should target 'react-on-rails-pro' instead. Consider splitting the message or adding a note that covers these additional patterns.

_{Reviews (1): Last reviewed commit: "Add changelog for Pro doctor specifier s..." | Re-trigger Greptile}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix prepared a fix for the issue found in the latest run.

• ✅ Fixed: Warning message misleads for mock and declaration matches
  • Generalized the doctor warning and spec coverage so mock and declaration matches are described as package references with applicable remediation guidance.

Or push these changes by commenting:

@cursor push 2c7191062e

Preview (2c7191062e)

diff --git a/react_on_rails/lib/react_on_rails/doctor.rb b/react_on_rails/lib/react_on_rails/doctor.rb
--- a/react_on_rails/lib/react_on_rails/doctor.rb
+++ b/react_on_rails/lib/react_on_rails/doctor.rb
@@ -2747,9 +2747,9 @@
     end
 
     # The base 'react-on-rails' npm package is a transitive dependency of 'react-on-rails-pro',
-    # so `import ... from 'react-on-rails'` resolves silently — loading the base package instead
-    # of Pro. Components registered through the base package won't have Pro features (streaming,
-    # caching, RSC), and may cause "component not registered" errors at runtime.
+    # so references to 'react-on-rails' resolve silently — loading the base package instead of Pro.
+    # Components registered through the base package won't have Pro features (streaming, caching,
+    # RSC), and may cause "component not registered" errors at runtime.
     BASE_PACKAGE_IMPORT_PATTERN = %r{\bfrom\s+['"]react-on-rails(?:/[^'"]*)?['"]}
     BASE_PACKAGE_REQUIRE_PATTERN = %r{\brequire\s*\(\s*['"]react-on-rails(?:/[^'"]*)?['"]\s*\)}
     BASE_PACKAGE_MOCK_PATTERN = %r{\b\w+\.(?:mock|unmock|doMock|dontMock|requireActual|requireMock)\s*\(\s*['"]react-on-rails(?:/[^'"]*)?['"]} # rubocop:disable Layout/LineLength
@@ -2777,13 +2777,13 @@
         checker.add_success("✅ No base 'react-on-rails' imports found (Pro package used correctly)")
       else
         checker.add_warning(<<~MSG.strip)
-          ⚠️  Found imports from 'react-on-rails' instead of 'react-on-rails-pro':
+          ⚠️  Found references to 'react-on-rails' instead of 'react-on-rails-pro':
           #{files_with_base_import.map { |f| "  • #{f}" }.join("\n")}
 
-          The base package is a transitive dependency of Pro, so these imports resolve
+          The base package is a transitive dependency of Pro, so these references resolve
           silently but load the base version without Pro features.
 
-          Fix: Update imports to use 'react-on-rails-pro':
+          Fix: Update imports, require calls, mocks, and declarations to use 'react-on-rails-pro':
             import ReactOnRails from 'react-on-rails-pro';        // server
             import ReactOnRails from 'react-on-rails-pro/client';  // client
         MSG

diff --git a/react_on_rails/spec/lib/react_on_rails/doctor_spec.rb b/react_on_rails/spec/lib/react_on_rails/doctor_spec.rb
--- a/react_on_rails/spec/lib/react_on_rails/doctor_spec.rb
+++ b/react_on_rails/spec/lib/react_on_rails/doctor_spec.rb
@@ -2546,6 +2546,7 @@
         doctor.send(:check_base_package_imports)
         warning_msgs = checker.messages.select { |m| m[:type] == :warning }
         expect(warning_msgs.any? { |m| m[:content].include?("app.test.ts") }).to be true
+        expect(warning_msgs.any? { |m| m[:content].include?("Found references to 'react-on-rails'") }).to be true
       end
     end
 
@@ -2565,6 +2566,7 @@
         doctor.send(:check_base_package_imports)
         warning_msgs = checker.messages.select { |m| m[:type] == :warning }
         expect(warning_msgs.any? { |m| m[:content].include?("react-on-rails.d.ts") }).to be true
+        expect(warning_msgs.any? { |m| m[:content].include?("imports, require calls, mocks, and declarations") }).to be true
       end
     end

_{You can send follow-ups to the cloud agent here.}

^{Reviewed by Cursor Bugbot for commit fa3c407. Configure here.}

[cursor]

Warning message misleads for mock and declaration matches

Low Severity

The new BASE_PACKAGE_MOCK_PATTERN and BASE_PACKAGE_DECLARE_MODULE_PATTERN now trigger the existing warning that says "Found imports from 'react-on-rails'" with a fix suggesting import ReactOnRails from 'react-on-rails-pro'. When the actual match is a jest.mock('react-on-rails') or declare module 'react-on-rails', calling these "imports" is inaccurate and the import-specific fix guidance doesn't apply to those cases. The diagnostic will point users to the correct files but give them inapplicable remediation advice.

 

^{Reviewed by Cursor Bugbot for commit fa3c407. Configure here.}

[claude]

The # rubocop:disable Layout/LineLength is needed because of the long method list inline. A small readability improvement would be to extract the alternation into a named group or split across assignment lines:

BASE_PACKAGE_MOCK_METHODS = %r{mock|unmock|doMock|dontMock|requireActual|requireMock}
BASE_PACKAGE_MOCK_PATTERN =
  %r{\b\w+\.(?:#{BASE_PACKAGE_MOCK_METHODS.source})\s*\(\s*['"]react-on-rails(?:/[^'"]*)?['"]}

Not a blocker, just worth considering if this constant ever needs extending again.

[claude]

The ^ anchor here works in Ruby because ^ matches the beginning of a line (not just the string), so multiline file content is handled correctly. Worth a brief comment so a future reader doesn't mistake it for \A:

Suggested change

	BASE_PACKAGE_DECLARE_MODULE_PATTERN = %r{^\s*declare\s+module\s+['"]react-on-rails(?:/[^'"]*)?['"]}
	BASE_PACKAGE_DECLARE_MODULE_PATTERN = %r{^\s*declare\s+module\s+['"]react-on-rails(?:/[^'"]*)?['"]} # ^ = start of any line

[claude]

Two gaps worth adding:

1. Negative test — jest.mock('react-on-rails-pro', ...) should not trigger a warning. The regex is constructed correctly (the -pro suffix prevents a match), but a negative spec locks that in explicitly.

2. Subpath mock — jest.mock('react-on-rails/client') is another common leftover pattern; a spec confirming it is caught would match the subpath coverage already present for import/require.

context "when JS tests mock the base package subpath (e.g. react-on-rails/client)" do
  # ...
  File.write("app/javascript/packs/app.test.ts",
             "jest.mock('react-on-rails/client', () => ({}));\n")
  # expects warning
end

context "when JS tests mock the Pro package (no warning expected)" do
  # ...
  File.write("app/javascript/packs/app.test.ts",
             "jest.mock('react-on-rails-pro', () => ({}));\n")
  # expects success, not warning
end

[claude]

.d.ts files are picked up because **/*.ts matches anything ending in .ts — react-on-rails.d.ts qualifies. This works correctly, but it's non-obvious. A short comment in the test (or a note alongside js_extensions in doctor.rb) would help a future reader who wonders why .d.ts files are covered without an explicit extension entry.

[claude]

Review: fix: detect stale Pro migration module specifiers

Overall this is a clean, well-scoped addition. The two new regex constants are logically correct and the test structure follows the existing pattern. A few things worth addressing before merge:

---

🔴 Warning message doesn't cover the new detection types

The existing warning text (unchanged in this PR) was written only for import/require:

⚠️  Found imports from 'react-on-rails' instead of 'react-on-rails-pro':
  • app/javascript/packs/app.test.ts

Fix: Update imports to use 'react-on-rails-pro':
  import ReactOnRails from 'react-on-rails-pro';        // server
  import ReactOnRails from 'react-on-rails-pro/client';  // client

When the trigger is a Jest mock or a declare module block the fix guidance is wrong — the user is told to change an import statement, but there is no import to change. They need to know to update the mock or the type augmentation instead. Suggested fix:

Fix: Replace all base-package references with 'react-on-rails-pro':
  import ReactOnRails from 'react-on-rails-pro';              // ESM import (server)
  import ReactOnRails from 'react-on-rails-pro/client';       // ESM import (client)
  jest.mock('react-on-rails-pro', ...);                       // test mock
  declare module 'react-on-rails-pro' { ... }                 // TypeScript augmentation

---

🟡 Test gaps

1. No negative test for the mock pattern — jest.mock('react-on-rails-pro', ...) must not trigger a warning. The regex is correct, but a dedicated spec would make that guarantee explicit (see inline comment on line 2549).

2. Subpath mock not covered — jest.mock('react-on-rails/client') is a natural counterpart to the import ... from 'react-on-rails/client' test that already exists.

---

🟢 Things that look good

• Both new regex patterns correctly exclude react-on-rails-pro — the (?:/[^'"]*) optional subpath group requires a / prefix, so -pro is never a false match.
• ^ in BASE_PACKAGE_DECLARE_MODULE_PATTERN is line-anchored in Ruby (not string-anchored), so multiline .d.ts content is handled correctly.
• .d.ts files are covered implicitly by **/*.ts (they end in .ts); this works as intended, just non-obvious to a future reader.
• The rubocop disables are accurate — Metrics/PerceivedComplexity is the right addition alongside the pre-existing CyclomaticComplexity disable.
• Changelog entry is clear and links the issue correctly.

[claude]

The growing number of patterns and the two rubocop:disable overrides are a signal to extract a small helper. An array-based approach eliminates the complexity flags without requiring any linter suppression:

Suggested change

	PATTERNS = [
	BASE_PACKAGE_IMPORT_PATTERN,
	BASE_PACKAGE_REQUIRE_PATTERN,
	BASE_PACKAGE_MOCK_PATTERN,
	BASE_PACKAGE_DECLARE_MODULE_PATTERN,
	].freeze
	def check_base_package_imports
	source_path = resolve_js_source_path
	js_extensions = %w[js jsx ts tsx]
	js_patterns = js_extensions.map { |ext| "#{source_path}/**/*.#{ext}" }
	files_with_base_import = []
	js_patterns.each do |pattern|
	Dir.glob(pattern).each do |file|
	content = File.read(file)
	next unless PATTERNS.any? { |p| content.match?(p) }
	files_with_base_import << file
	end
	end

This also makes it trivial to add a fifth pattern in the future without touching the loop logic or bumping the complexity metrics.

[claude]

The inline rubocop:disable Layout/LineLength can be avoided with Ruby's extended-regex flag (x), which allows whitespace and comments inside the literal:

Suggested change

	BASE_PACKAGE_MOCK_PATTERN = %r{\b\w+\.(?:mock|unmock|doMock|dontMock|requireActual|requireMock)\s*\(\s*['"]react-on-rails(?:/[^'"]*)?['"]} # rubocop:disable Layout/LineLength
	BASE_PACKAGE_MOCK_PATTERN = %r{
	\b\w+\. # object receiver (jest / vi / module / …)
	(?:mock|unmock|doMock|dontMock|requireActual|requireMock)
	\s*\(\s*['"]react-on-rails(?:/[^'"]*)?['"]
	}x

Side note: requireActual('react-on-rails') is used specifically to bypass a mock and load the real base package — that's a different situation from a forgotten jest.mock. Worth deciding intentionally whether to flag it (the current behaviour) or exclude it.

[claude]

Code Review

Overall: A focused, low-risk improvement to the Pro migration diagnostic. The two new regex patterns correctly catch categories of base-package references that were previously invisible to the scanner, and the specs cover both new paths. A few things worth addressing before merge:

---

Warning message is stale for the new pattern types

The existing warning text (⚠️ Found imports from 'react-on-rails'...) and the fix guidance (import ReactOnRails from 'react-on-rails-pro') were written for import/require cases only. Now that the scanner also catches Jest mocks and declare module blocks, the message can mislead users:

• A test file with jest.mock('react-on-rails', ...) doesn't need a new import statement — it needs the mock target updated to 'react-on-rails-pro', or the mock deleted.
• A .d.ts declaration file with declare module 'react-on-rails' needs the block deleted or retargeted, not an import added.

The success path also reads "No base 'react-on-rails' imports found" — technically wrong now that mocks and type declarations are in scope.

Suggested language update (in check_base_package_imports, around line 2778):

checker.add_success("✅ No base 'react-on-rails' references found (Pro package used correctly)")
# ...
checker.add_warning(<<~MSG.strip)
  ⚠️  Found references to 'react-on-rails' instead of 'react-on-rails-pro':
  #{files_with_base_import.map { |f| "  • #{f}" }.join("\n")}

  The base package is a transitive dependency of Pro, so these references resolve
  silently but load the base version without Pro features.

  Fix: replace base-package references with their Pro equivalents:
    import ReactOnRails from 'react-on-rails-pro';         // ES import (server)
    import ReactOnRails from 'react-on-rails-pro/client';  // ES import (client)
    jest.mock('react-on-rails-pro', ...)                   // Jest/Vitest mock
    // delete stale 'declare module' blocks in .d.ts files
MSG

---

declare module test file is not covered by the glob

The test creates app/javascript/types/react-on-rails.d.ts, and *.ts does match .d.ts files (glob * matches .), so the test works today. Worth a brief note in the test or a comment on the constant that .d.ts files are intentionally included via the *.ts glob — this isn't obvious to future readers and could be accidentally broken if someone restricts the glob to exclude type-declaration files.

---

No negative regression test for declare module 'react-on-rails-pro'

There's a negative test for imports from 'react-on-rails-pro' but not one for declare module 'react-on-rails-pro' { ... }. Given that the DECLARE_MODULE_PATTERN regex uses a lookahead-free negative approach (the package name must match exactly), a quick sanity spec confirming declare module 'react-on-rails-pro' does not trigger would be a cheap safety net.

---

Minor: requireActual semantics differ from mock

jest.requireActual('react-on-rails') is used to bypass a mock and explicitly load the real base package — intentional usage, not always a migration leftover. The current implementation flags it (which is defensible as "any base-package reference is suspect"), but if a real user hits a false positive here, the warning could be confusing. At minimum, consider documenting the decision in the constant's comment.