Find something like requires.io for our js libraries #5580
Comments
triage-new-issues
bot
added
the
triage
|
Bower is deprecated. Solutions like yarn, webpack and parcel all seem to want to bundle the stuff in a build process and serve it ourselves. We want to use CDN versions. I am looking at libraries.io as a way of just watching for version updates and doing it a bit more manually. Would still like something as slick as our requires.io setup though. |
|
We should account for/get rid of the duplication between logsite and decksite footer.mustache when we do this, too. |
triage-new-issues
bot
removed
the
triage
bakert
changed the title
|
libraries.io didn't find any dependencies so that's not going to do anything. cdnjs has an API so we could spin our own or hopefully someone has built something on that – https://cdnjs.com/api |
|
@silasary can you revoke the authorization for libraries.io or give me the power to do same? |
|
Revoked |
|
Maintenance task that queries cdnjs for the latest version of all our libs (parsed from footer.mustache or more appropriately situated in a client-requirements.txt/json that is then used to form footer.mustache more likely) if any differ it can flag in some way or (better) create a PR to update. This seems reasonable and not an insane amount of work but I still hope there's a third party solution to this as it must be a common problem. Am I overvaluing getting these from CDN and should just have us bundle them and serve them ourselves with something like parcel? |
|
We have npm and webpack as dependencies now so maybe that opens something up here. |
|
If we're prepared to put our dependencies under npm management we have some options. These will send us PRs so are probably best: https://depfu.com/ But that means not pointing at the cdn version of libraries and instead webpack-ing them ourselves. That seems bad. |
|
This was already done |
|
Dependabot is handling out npm packages. We just need to migrate the older CDN based js libraries into the webpack stuff |
|
As ridiculous as it sounds I rolled my own in a287014. Really surprised there's nothing better out there. Leaving this open until it is landed and proven working. |
Reported on Discord by bakert#2193
The text was updated successfully, but these errors were encountered: