[blocker]: Playwright CI never launches backend. The Playwright workflow installs dependencies and immediately runsnpx playwright test, but it neither starts the QueryWeaver backend/frontend nor setsPLAYWRIGHT_BASE_URL, so every navigation/API helper will hit an empty localhost port and time out on CI. Add a step (or PlaywrightwebServer config) that starts the API/frontend, waits for it to become reachable, and exportsPLAYWRIGHT_BASE_URL before the tests run.

[major]: Base URL left undefined.use.baseURL is commented out, so helpers likepage.goto('/') guess the host and CI cannot override it. Without a deterministic base URL the suite cannot talk to either localhost or staging. Setuse: { baseURL: process.env.PLAYWRIGHT_BASE_URL ?? 'http://localhost:5000', ... } (and pass the env in CI) so tests share a consistent origin.

[major]: Node typings out of sync with runtime.@types/node was bumped to ^24.x while Docker/CI still execute Node 22, so TypeScript will now allow APIs that crash under the shipped runtime when running the Playwright tooling. Either upgrade every runtime to Node 24 or pin@types/node to the 22.x series so type definitions match the deployed Node version.

[major]: Wrapper reuses handles after closing.closeBrowser() closes the page/browser but leavesthis.browser andthis.context populated, so the nextcreateNewPage() reuses handles Playwright has already torn down and throws target-closed errors. After closing, dispose the context and set boththis.browser andthis.context to null (or recreate them) so later calls relaunch cleanly.

[major]: API request contexts leak. Each helper creates arequest.newContext() when one isn’t supplied but never disposes it, so repeated calls leak HTTP sessions/processes and eventually hang the runner. Track whether the helper created the context (e.g.,const shouldDispose = !availableRequest) andawait requestContext.dispose() in a finally block when true.

[major]@types/node is bumped to 24.10 here while the project runtime is still Node 22 (see Dockerfile’ssetup_22.x install and the workflow’snode-version: lts/*). TypeScript will now permit APIs that only exist in Node 24, which will crash when the Playwright tooling runs under Node 22 inside Docker/CI. Please either keep the types on the 22.x line or upgrade the runtime everywhere so the type definitions match the actual Node version.

[major]closeBrowser() only closes the page and then the raw browser handle, but it never closes the activeBrowserContext or resetthis.browser/this.context tonull. After one test finishes those fields keep pointing at Playwright objects that have already been torn down, so the nextcreateNewPage will try to reuse a dead context and throwbrowserContext.newPage: Protocol error: Target closed. Pleaseawait this.context?.close() and null the fields (browser/context/page) when shutting down so a subsequent run can relaunch cleanly.

[major] Each helper here spins up a freshAPIRequestContext when one isn’t provided, but none of them ever dispose it. In a longer suite these stacks of orphaned contexts leak HTTP sessions/processes until Playwright hangs or hits the browser limit. Please track whether the helper created the context (e.g.const shouldDispose = !availableRequest) and callawait requestContext.dispose() in afinally block when appropriate so we don’t leak resources between API calls.

[major] Unlike the GET/POST/PATCH helpers,deleteRequest always creates a brand‑newAPIRequestContext, so callers such asdeleteGraph/deleteToken drop the authenticated session they just established and hit the endpoint without cookies/headers. Please accept the optionalavailableRequest parameter (mirroring the other helpers) and reuse it so DELETE calls keep the same auth context as the rest of the API interactions.

[major]uploadGraph builds a plain object{ file: filePath } and then forcesContent-Type: multipart/form-data. Playwright will serialize that object as JSON ({"file":"/tmp/foo.json"}) and the backend never receives any file bytes or multipart boundary, so uploads will always fail. Use Playwright’s multipart support instead—e.g.requestContext.post(url, { multipart: { file: await fs.createReadStream(filePath), database, description } })—and let Playwright set the header so the graph file actually reaches the server.

[major]playwright is added underdependencies, which means we now ship the browser binaries to every production install/deployment even though they are only needed for local/CI testing. This roughly gigabyte-sized dependency bloats Lambda/container images, slows prod deploys, and is unused at runtime. Please moveplaywright (and its transitive install) todevDependencies so only development/test environments pull it in.