New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use yargs instead of deprecated optimist in 4.x release #1658
Comments
I think it may break the cli, so I'd rather not update in the 4.x branch. I am sometimes working on 5.0 in the master, but since this is all voluntary work and I have a lot of other duties, I cannot tell when it with be ready. |
Moving from This would be something I would imagine that Handlebars would want to backport to the 4.x branch. An alternative that I have proposed is to relax the dependencies in https://github.com/substack/node-optimist/pull/150 Edit: Workaround below, using Yarn: #1658 (comment) |
OK, I think we can give it a shot. The yargs API really seems to be like the optimist API. Does anybody want to create a PR for 4.x? I would really feel better if there were some more tests verifying that the CLI still works the same after the migration. There is currently only one here. It would be cool to have some test using different parameters. Create some tests, check that they work with optimist, then migrate to yargs and see if they still work. Could anybody do that? |
If you use Yarn, here's a workaround for now until this is fixed (maybe with #1662): Add the following resolution to your "resolutions": {
"**/optimist/minimist": "0.2.1"
} This will force all versions of |
The latest |
See #1661 |
…ed code from master to latest yargs (`.option` calls). ``` 4.x: found 188 vulnerabilities (169 low, 4 moderate, 14 high, 1 critical) in 5815 scanned packages 4.x with this PR: found 32 vulnerabilities (17 low, 1 moderate, 13 high, 1 critical) in 5829 scanned packages ```
closes handlebars-lang#1658 adapted code from master to latest yargs (`.option` calls). ``` 4.x: found 188 vulnerabilities (169 low, 4 moderate, 14 high, 1 critical) in 5815 scanned packages 4.x with this PR: found 32 vulnerabilities (17 low, 1 moderate, 13 high, 1 critical) in 5829 scanned packages ```
closes handlebars-lang#1658 - adapted code from master to latest yargs (`.option` calls). ``` 4.x: found 188 vulnerabilities (169 low, 4 moderate, 14 high, 1 critical) in 5815 scanned packages 4.x with this PR: found 32 vulnerabilities (17 low, 1 moderate, 13 high, 1 critical) in 5829 scanned packages ```
closes handlebars-lang#1658 - adapted code from master to latest yargs (`.option` calls). ``` 4.x: found 188 vulnerabilities (169 low, 4 moderate, 14 high, 1 critical) in 5815 scanned packages 4.x with this PR: found 32 vulnerabilities (17 low, 1 moderate, 13 high, 1 critical) in 5829 scanned packages ```
Released in 4.7.4 |
Before filing issues, please check the following points first:
We are using the latest
handlebars 4.7.3
, but we noticed that one of the dependenciesoptimist
is deprecated. There is a ticket to switch toyargs
instead (#1179) and it was closed with the merged PR (#1180). However, the merged PR is not in 4.x release yet. Please fix this in 4.x release.The text was updated successfully, but these errors were encountered: