New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Find something like requires.io for our js libraries #5580
Comments
Bower is deprecated. Solutions like yarn, webpack and parcel all seem to want to bundle the stuff in a build process and serve it ourselves. We want to use CDN versions. I am looking at libraries.io as a way of just watching for version updates and doing it a bit more manually. Would still like something as slick as our requires.io setup though. |
We should account for/get rid of the duplication between logsite and decksite footer.mustache when we do this, too. |
libraries.io didn't find any dependencies so that's not going to do anything. cdnjs has an API so we could spin our own or hopefully someone has built something on that – https://cdnjs.com/api |
@silasary can you revoke the authorization for libraries.io or give me the power to do same? |
Revoked |
Maintenance task that queries cdnjs for the latest version of all our libs (parsed from footer.mustache or more appropriately situated in a client-requirements.txt/json that is then used to form footer.mustache more likely) if any differ it can flag in some way or (better) create a PR to update. This seems reasonable and not an insane amount of work but I still hope there's a third party solution to this as it must be a common problem. Am I overvaluing getting these from CDN and should just have us bundle them and serve them ourselves with something like parcel? |
We have npm and webpack as dependencies now so maybe that opens something up here. |
If we're prepared to put our dependencies under npm management we have some options. These will send us PRs so are probably best: https://depfu.com/ But that means not pointing at the cdn version of libraries and instead webpack-ing them ourselves. That seems bad. |
This was already done |
Dependabot is handling out npm packages. We just need to migrate the older CDN based js libraries into the webpack stuff |
As ridiculous as it sounds I rolled my own in a287014. Really surprised there's nothing better out there. Leaving this open until it is landed and proven working. |
Reported on Discord by bakert#2193
The text was updated successfully, but these errors were encountered: