Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removes YarnLockfileParser #6016

Merged
merged 3 commits into from
Nov 2, 2022
Merged

Removes YarnLockfileParser #6016

merged 3 commits into from
Nov 2, 2022

Conversation

bdragon
Copy link
Member

@bdragon bdragon commented Nov 1, 2022

YarnLockfileParser is a vestige from an era in which it may have been safer to parse a yarn.lock ourselves rather than shelling out to yarn. Elsewhere Dependabot uses a native helper, yarn:parseLockfile (which in turn uses Yarn's own lockfile parser) to parse yarn lockfiles. Since YarnLockfileParser is no longer needed, and in order to parse lockfiles consistently, this PR removes it.

@bdragon
Remove outdated comment
4a5578c
@bdragon
Remove YarnLockfileParser
22f718d 
YarnLockfileParser is a vestige from an era in which it may have been safer to parse a yarn.lock ourselves rather than shelling out to a native helper. Elsewhere Dependabot uses a native helper, `yarn:parseLockfile` (which in turn uses Yarn's own lockfile parser) to parse yarn lockfiles. Since the YarnLockfileParser is no longer required, and in order to parse lockfiles consistently, the class is being removed.
@bdragon bdragon requested a review from a team as a code owner November 1, 2022 22:30
mctofu
mctofu approved these changes Nov 1, 2022
View reviewed changes
Copy link
Contributor

@mctofu mctofu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✂️

@bdragon bdragon merged commit 2c0fae2 into main Nov 2, 2022
@bdragon bdragon deleted the bdragon/rm-yarn-lockfile-parser branch November 2, 2022 16:21
@pavera pavera mentioned this pull request Nov 30, 2022
Merged
thavaahariharangit pushed a commit that referenced this pull request May 13, 2024
#6016: Address RSpec/ContextMethod Rubocop violations
59380e5
thavaahariharangit added a commit that referenced this pull request May 13, 2024
@thavaahariharangit
Merge pull request #9713 from dependabot/harry/#6016
b23bd04 
#6016: Address RSpec/ContextMethod Rubocop violations
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mctofu mctofu mctofu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bdragon @mctofu