Permalink
Browse files

MDL-52250 npm: remove uglify-js dependency/bump grunt-contrib-uglify

A) Remove direct dependency on uglify-js:

This dependency was added in MDL-50277, but it isn't quite correct, the
way npm installs dependencies means that grunt-contrib-uglify *could* use
'our' version if its satisifed. But does not *always* and especially does
not if the grunt-contrib-uglify requirement is higher than ours.

Long story short, in many cases this means that this is used:
 node_modules/grunt-contrib-uglify/node_modules/uglify-js
But this is not:
  node_modules/uglify-js

In MDL-50277 we thought we were making the version sticky, but in
reality we were just fixing previous problems by updating
grunt-contrib-uglify to a version which fixed a bug:

 gruntjs/grunt-contrib-uglify#313

It seems the better solution will come with using npm shrinkwrap to lock
down depdencies.

B) Bump grunt-contrib-uglify to 0.11.0

This moves us to uglify-js ~2.6.0 - which doens't change any output
files.
  • Loading branch information...
danpoltawski committed Dec 2, 2015
1 parent e64751f commit 68dfa89fea5933d7d48b6cee6278fbc3c94dd10e
Showing with 2 additions and 3 deletions.
  1. +2 −3 package.json
View
@@ -6,8 +6,7 @@
"grunt": "0.4.5",
"grunt-contrib-jshint": "0.11.3",
"grunt-contrib-less": "1.1.0",
"grunt-contrib-uglify": "0.9.1",
"shifter": "0.5.0",
"uglify-js": "2.4.22"
"grunt-contrib-uglify": "0.11.0",
"shifter": "0.5.0"
}
}

0 comments on commit 68dfa89

Please sign in to comment.