fix(deps): bump angular to 15.2.4 and update all dependencies possible

[joanise]

• bump all angular packages to 15.2.4 to fix dependencies and do fresh npm install
• run "npm audit fix --force" to make sure the necessary bumps were done
• run "npm update --save" to update everything that can be updated

Fixes https://github.com/ReadAlongs/Web-Component/security/dependabot/31

[joanise]

To test this on my machine, I had to:

npm update -g ng ng-cli nx
rm -r node_modules
rm -r packages/*/node_modules
npm install

and then build/serve/test as usual.

[dhdaines]

To test this on my machine, I had to:

npm update -g ng ng-cli nx
rm -r node_modules
rm -r packages/*/node_modules
npm install

and then build/serve/test as usual.

Hmm, ng and ng-cli aren't actually useful, I think you mean angular and angular-cli? I am able to build/run/test everything without installing nx globally in any case. Running audit/update pulls in a couple newer versions so I will commit those as well.

[dhdaines]

Hmm, ng and ng-cli aren't actually useful, I think you mean angular and angular-cli? I am able to build/run/test everything without installing nx globally in any case. Running audit/update pulls in a couple newer versions so I will commit those as well.

Oh, wait, no, I see what you mean, the tests don't run without ng installed somewhere.

[dhdaines]

strange though because ng should be provided by @angular/cli ...

[dhdaines]

and ... sorry for the spam, but all I had to do was run npm install -D @angular/cli at the top level - I suggest not installing ng-cli, it is, I think, an old version of the Angluar CLI.

[dhdaines]

looks fine to me, perhaps need to run install one more time to update package-lock.json (I can't do this because I have the wrong versions of node, it seems)

[joanise]

I think I'm going to start using npx ng and npx nx systematically instead of ng and nx, and remove everything I've installed globally.

We run nx and ng directly as CLI commands, and that only works if you've installed them globally. It's quite possible I'm using the wrong version in my global config, yet another reason to ditch global installs and using npx!

I also keep getting warnings that global and local ng are out of sync, because my Coursera course project is ng 14 but this one is ng 15, and therefore it's not even possible for me to have my global in sync with all my projects. Again, npx is the obvious solution.

[joanise]

I ran several further rounds in install and audit fix, it seems like every single run of that finds yet another package to update! I don't get it.

[joanise]

I ran several further rounds in install and audit fix, it seems like every single run of that finds yet another package to update! I don't get it.

Wait, yes, I do get it: you picked up webpack 5.77.0, which got published 4 hours ago, half a day after I push my PR. I guess that's just the speed of the web, isn't it?

[joanise]

There, done:

npm uninstall -g ng nx ng-cli nx-cli

now ng and nx aren't on my path anymore so I won't be tempted (or able) to use them in any other way than via npx.

[joanise]

There's a problem with this PR on my Windows machine. I keep getting this error message:

Could not find 'nx' module in this workspace. Error: Invalid source or target versions. Source: 5.1, Target: 5.0.
Only backwards compatibility between "5.0" and "4.0" is supported.
This error can be caused by "@nrwl/..." packages getting out of sync or outdated project graph cache.
Check the versions running "nx report" and/or remove your "nxdeps.json" file (in node_modules/.cache/nx folder).

This time, it was when running npx nx bundle web-component, but it happens with a variety of nx commands.

When this happens, I can delete node_modules/.cache/nx/nxdeps.json and try again and things are fine for a little while, until I get the same message again. I have looked for but not found where those supposed Source: 5.1 and Target: 5.0 settings are, and so I don't know what to fix to make the problem go away for good.

[joanise]

Oh, I think I figured it out: I changed some nx package versions without using the official nx migrate tool, and I probably have inconsistent versions that it doesn't like.

[joanise]

Fixed with nx migrate latest. It bumped a bunch of things, in what is presumably a coherent way, keeping all the nx-related modules in sync with each other.

[roedoejet]

Thanks @joanise !