-
Notifications
You must be signed in to change notification settings - Fork 161
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: pin platform transitive dependencies with npm #10864
Conversation
Trying to use this with
|
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
flow-server/src/main/java/com/vaadin/flow/server/frontend/FrontendVersion.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/FrontendVersion.java
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/FrontendVersion.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/FrontendVersion.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/NodeUpdater.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/TaskUpdatePackages.java
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/NodeUpdater.java
Show resolved
Hide resolved
Still need to fix and add a test for this EDIT - done |
flow-server/src/main/java/com/vaadin/flow/server/frontend/FrontendVersion.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/VersionsJsonFilter.java
Outdated
Show resolved
Hide resolved
flow-server/src/main/java/com/vaadin/flow/server/frontend/VersionsJsonFilter.java
Outdated
Show resolved
Hide resolved
SonarQube analysis reported 14 issues Top 10 issues
|
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572 Co-authored-by: Pekka Hyvönen <pekka@vaadin.com>
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
This wasn't picked to 14-series, but to be honest, I don't remember why it was not - my bet is that due to "caution" it was to be tested in 7.0 (v20) first, where it seems to be working out fine. |
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
Uses the same vaadin_versions.json file based pinning as with pnpm. In case the application has @NpmPackage annotation with a certain version, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). In case a dependency has been pinned directly in package.json, then that is used over the platform pinned version. When that is older, a warning is logged (like with pnpm). Fixes #10572
Uses the same vaadin_versions.json file based pinning as with pnpm.
In case the application has @NpmPackage annotation with a certain version,
then that is used over the platform pinned version. When that is older,
a warning is logged (like with pnpm).
In case a dependency has been pinned directly in package.json, then that
is used over the platform pinned version. When that is older, a warning
is logged (like with pnpm).
Fixes #10572