-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Maintenance: JS dependency updates #2759
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…n removing and babeling
…eact deps like select and modal
👍 in demo 🚢 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Who is this PR for?
developers, prompted by #2758
What problem does this PR fix?
#2758 Updated some JS dependencies, prompted by a false-positive vulnerability alert. It passed CI but the deploy failed. This led me to look more at what was going on, and how this could happen without failing the build. In the process, I updated the build process and many of the JS dependencies.
impact on build size
What does this PR do?
Yarn
yarn-checks-cli
, mostly for use when mucking with dependencies locally, but added it to CI as well.yarn check
is deprecated and full of false-positivesWebpack
devtool
sourcemap strategy, since it regressed the sourcemap quality. This is a bit slower but fine for now, and easy to change in isolation after.Polyfills
react-app-polyfill
fromcreate-react-app
, instead of our own.performance.now
. Remove those files and the pastedperformance.now
polyfill.eslint
eslint-plugin-compat
to catch when our code uses JS APIs that aren't supported in our target browsers. This also flaggedResponse
andURLSearchParams
, which were only used as test so set to ignore.eslint-plugin-compat
reads from.browserlistrc
, and then reads.eslintrc
settings to see what polyfills we expect to be present. This meants the values in.eslintrc
need to stay in sync withpolyfills.js
, so added comments in both places about that.es6: true
flag, since this includes JS APIs not just language features. Fromeslint
's perspective, this is best enforced byeslint-plugin-compat
and the settings for globals and polyfills.Testing
wrapper.html()
withmount
tests. Some tests failed after the upgrade, and investigated it turned out it was from lag between the DOM updating and the Enzyme#html
method reflecting that (the Enzyme docs had a method for manually synchronizing). Instead, just avoid this and check the DOM directly.Storybook
storybook-cli
to CI, to do a smoke test on building and loading stories.Other notes
query-string@6
isn't ES5 compatible, so kept it at 5 per those docsyarn outdated
looks like this now, 16 dependencies down from 60 prior to this PR:Not included
This doesn't updated any major versions of significant libraries (eg, moment, d3, highcharts).
I did look at upgrading React libs, but the React dependencies are also behind (eg,
react-select@1
leads to many warnings on lifecycle methods in React 16.9,react-virtualized
appears to require core-js@2). So I cut that out. To move that forward, it would be better to upgrade those dependencies first (or replace them,react-autocomplete
appears abandoned), and then upgrade the lib. Our code is straightforward for 16.9 at least.Checklists
Which features or pages does this PR touch?
Does this PR use tests to help verify we can deploy these changes quickly and confidently?