Contrib.social

Update all JavaScript dependencies which cause no changes

Open on Drupal.org β†’
Created on 11 December 2024, 11 days ago

Problem/Motivation

? Pick the packages you want to upgrade.          Current          Range            Latest

   @floating-ui/dom ---------------------------- β—― ^1.6.8 ------- β—‰ ^1.6.12 ------
   chokidar ------------------------------------ β—― ^3.6.0 -------                  β—‰ ^4.0.1 -------
   cspell -------------------------------------- β—‰ ^8.16.0 ------ β—― ^8.16.1 ------
   dotenv -------------------------------------- β—― ^16.4.5 ------ β—‰ ^16.4.7 ------
   eslint-plugin-import ------------------------ β—― ^2.29.1 ------ β—‰ ^2.31.0 ------
   eslint-plugin-no-jquery --------------------- β—― ^3.0.2 ------- β—‰ ^3.1.0 -------
   eslint-plugin-yml --------------------------- β—― ^1.14.0 ------ β—‰ ^1.16.0 ------
   eslint -------------------------------------- β—― ^8.57.0 ------ β—‰ ^8.57.1 ------ β—― ^9.16.0 ------
   jquery-ui ----------------------------------- β—― ^1.14.0 ------ β—‰ ^1.14.1 ------
   jquery -------------------------------------- β—‰ ^4.0.0-beta.2                   β—― ^3.7.1 -------
   jsdom --------------------------------------- β—― ^24.1.1 ------ β—― ^24.1.3 ------ β—‰ ^25.0.1 ------
   nightwatch ---------------------------------- β—― ^3.7.0 ------- β—‰ ^3.9.0 -------
   postcss-preset-env -------------------------- β—‰ ^9.6.0 -------                  β—― ^10.1.1 ------
   postcss ------------------------------------- β—‰ ^8.4.40 ------ β—― ^8.4.49 ------
   prettier ------------------------------------ β—― ^3.3.3 ------- β—‰ ^3.4.2 -------
   sortablejs ---------------------------------- β—― ^1.15.2 ------ β—‰ ^1.15.6 ------
   stylelint ----------------------------------- β—― ^16.10.0 ----- β—‰ ^16.11.0 -----
   terser -------------------------------------- β—― ^5.31.3 ------ β—‰ ^5.37.0 ------
   tua-body-scroll-lock ------------------------ β—― ^1.5.0 ------- β—‰ ^1.5.3 -------
 > webpack ------------------------------------- β—― ^5.96.1 ------ β—‰ ^5.97.1 ------

@longwave confirmed it's okay (in this specific case) to bundle all JavaScript dependencies that don't have the above changes in a single issue.
This is very welcome, because it means a lot can be done in one issue and basically every extra issue about JavaScript dependencies ends up in reroll-limbo if any of the other JavaScript dependencies gets committed.

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

Introduced terminology

API changes

Data model changes

Release notes snippet

πŸ“Œ Task
Status

Active

Version

11.0 πŸ”₯

Component

javascript

Created by

πŸ‡³πŸ‡±Netherlands spokje

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @spokje
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje
  • Merge request !10521Resolve #3493146 "Update all javascript" β†’ (Closed) created by spokje
  • Pipeline finished with Success
    11 days ago
    Total: 642s
    #365341
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡ΏNew Zealand quietone

    The cspell issue was committed so this needs some work.

  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    spokje β†’ changed the visibility of the branch 11.x to hidden.

  • Pipeline finished with Success
    11 days ago
    Total: 748s
    #365495
  • Comment 11 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    Rebased

  • Comment 10 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Applied locally for about 20 minutes while doing other stuff and nothing seemed off. Wasn't sure how else to test.

    LGTM

  • Comment 8 days ago β†’
    System Message
    • catch β†’ committed 8646c5fe on 11.1.x 
      Issue #3493146 by spokje, smustgrave: Update all JavaScript dependencies...
  • Comment 8 days ago β†’
    System Message
    • catch β†’ committed 0c91bf7e on 11.x 
      Issue #3493146 by spokje, smustgrave: Update all JavaScript dependencies...
  • Comment 8 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom catch

    Committed/pushed to 11.x and cherry-picked to 11.1.x, thanks!

    Should do the equivalent update for 10.5.x/10.4.x so moving there for 'backport'

  • Merge request !1055210.5.x β†’ (Open) created by spokje
  • Comment 8 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    TBH I've ran out of steam for fancy diffs and linking issues for stuff that can't be done.

    Instead here's the before:

    $ yarn outdated
yarn outdated v1.22.22
info Color legend :
 "<red>"    : Major Update backward-incompatible updates
 "<yellow>" : Minor Update backward-compatible features
 "<green>"  : Patch Update backward-compatible bug fixes
Package                 Current Wanted Latest Package Type           URL
@floating-ui/dom        1.6.5   1.6.12 1.6.12 devDependencies        https://floating-ui.com
chokidar                3.6.0   3.6.0  4.0.1  devDependencies        https://github.com/paulmillr/chokidar
dotenv                  16.4.5  16.4.7 16.4.7 devDependencies        https://github.com/motdotla/dotenv#readme
eslint                  8.57.0  8.57.1 9.17.0 devDependencies        https://eslint.org
eslint-plugin-import    2.29.1  2.31.0 2.31.0 devDependencies        https://github.com/import-js/eslint-plugin-import
eslint-plugin-no-jquery 3.0.2   3.1.0  3.1.0  devDependencies        https://github.com/wikimedia/eslint-plugin-no-jquery#readme
eslint-plugin-prettier  5.1.3   5.2.1  5.2.1  devDependencies        https://github.com/prettier/eslint-plugin-prettier#readme
eslint-plugin-yml       1.14.0  1.16.0 1.16.0 devDependencies        https://ota-meshi.github.io/eslint-plugin-yml/
glob                    10.3.5  10.3.5 11.0.0 devDependencies        https://github.com/isaacs/node-glob#readme
jackspeak               2.1.1   2.1.1  4.0.2  resolutionDependencies https://github.com/isaacs/jackspeak#readme
jquery-ui               1.14.0  1.14.1 1.14.1 devDependencies        https://jqueryui.com
jsdom                   24.0.0  24.1.3 25.0.1 devDependencies        https://github.com/jsdom/jsdom#readme
nightwatch              2.4.2   2.4.2  3.9.0  devDependencies        https://nightwatchjs.org
postcss                 8.4.38  8.4.49 8.4.49 devDependencies        https://postcss.org/
postcss-preset-env      9.5.11  9.6.0  10.1.2 devDependencies        https://github.com/csstools/postcss-plugins/tree/main/plugin-packs/postcss-preset-env#readme
prettier                3.2.5   3.4.2  3.4.2  devDependencies        https://prettier.io
semver                  7.5.4   7.5.4  7.6.3  resolutionDependencies https://github.com/npm/node-semver#readme
shepherd.js             10.0.1  10.0.1 14.3.0 devDependencies        https://shepherdjs.dev
sortablejs              1.15.2  1.15.6 1.15.6 devDependencies        https://github.com/SortableJS/Sortable#readme
terser                  5.31.0  5.37.0 5.37.0 devDependencies        https://terser.org
terser-webpack-plugin   5.3.10  5.3.11 5.3.11 devDependencies        https://github.com/webpack-contrib/terser-webpack-plugin
tua-body-scroll-lock    1.5.0   1.5.3  1.5.3  devDependencies        https://github.com/tuax/tua-body-scroll-lock#readme
underscore              1.13.6  1.13.7 1.13.7 devDependencies        https://underscorejs.org
webpack                 5.96.1  5.97.1 5.97.1 devDependencies        https://github.com/webpack/webpack
  • Pipeline finished with Failed
    8 days ago
    Total: 530s
    #368343
  • Comment 8 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    After:

    $ yarn outdated --no-links
yarn outdated v1.22.22
info Color legend :
 "<red>"    : Major Update backward-incompatible updates
 "<yellow>" : Minor Update backward-compatible features
 "<green>"  : Patch Update backward-compatible bug fixes
Package            Current Wanted Latest Package Type          
eslint             8.57.0  8.57.1 9.17.0 devDependencies       
glob               10.3.5  10.3.5 11.0.0 devDependencies       
jackspeak          2.1.1   2.1.1  4.0.2  resolutionDependencies
nightwatch         2.4.2   2.4.2  3.9.0  devDependencies       
postcss            8.4.38  8.4.49 8.4.49 devDependencies       
postcss-preset-env 9.5.11  9.6.0  10.1.2 devDependencies       
semver             7.5.4   7.5.4  7.6.3  resolutionDependencies
shepherd.js        10.0.1  10.0.1 14.3.0 devDependencies
  • Comment 8 days ago β†’
    System Message
  • Pipeline finished with Success
    8 days ago
    Total: 583s
    #368355
  • Comment 8 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje
  • Comment 8 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom catch

    commit-code-check.sh wasn't happy, yarn check -s gave me this:

    warning "backbone#underscore@>=1.8.3" could be deduped from "1.13.7" to "underscore@1.13.7"
warning Resolution field "ejs@3.1.10" is incompatible with requested version "nightwatch#ejs@3.1.8"
warning Resolution field "nightwatch#semver@7.5.4" is incompatible with requested version "nightwatch#semver@7.3.5"
warning "stylelint#debug@^4.3.7" could be deduped from "4.4.0" to "debug@4.4.0"
warning "eslint#@humanwhocodes/config-array#debug@^4.3.1" could be deduped from "4.4.0" to "debug@4.4.0"
error "espree#acorn" not installed
error "espree#acorn-jsx" not installed
error Found 3 errors.

    Not sure if it's something up with my local or a problem with the MR.

  • Comment 8 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    No clue either, but I'm officially calling it quits on trying to update any JS dependency.
    It's far too tedious with rerolls, canary-in-coal-mine for broken HEADs and multiple branches.

    I think we should put time in researching something like Renovate or whatever shiny stuff works on GitLab these days.
    IMHO it shouldn't take the roughly 10-15hrs I've spent this time around.

    This is by no means a rant against core committers, who can somehow juggle multiple branches almost perfectly, but for mere mortals like me, this is _very_ frustrating and something that looks like it can be achieved with automation far easier than a/this human banging its forehead on a keyboard :)

  • Comment 8 days ago β†’
    πŸ‡³πŸ‡±Netherlands spokje

    NW is probably the status for this now.

  • Comment 5 days ago β†’
    πŸ‡³πŸ‡ΏNew Zealand quietone

    There is an open issue about dedupe, https://github.com/yarnpkg/yarn/issues/7568. Someone solved that by deleting the lock file and then 'yarn install'.

    Locally, that worked for the dedupe errors. Still to do is the resolution one.

  • Comment 5 days ago β†’
    πŸ‡«πŸ‡·France nod_ Lille
  • Comment 5 days ago β†’
    πŸ‡«πŸ‡·France nod_ Lille

    So in 11.x and yarn 2 we don't check dependencies because the command doesn't exists. From the docs:

    NOTE: The command yarn check has been historically buggy and undermaintained and, as such, has been deprecated and will be removed in Yarn 2.0. You should use yarn install --check-files instead.

    The --check-files option doesn't exist anymore.

    the deduping doesn't impact our vendored deps so I'd be inclined to just ignore it and remove the check. i'll try to fix it later today but might just remove that

  • Comment 5 days ago β†’
    πŸ‡³πŸ‡ΏNew Zealand quietone

    And what about the two 'resolution' warning?

    warning Resolution field "ejs@3.1.10" is incompatible with requested version "nightwatch#ejs@3.1.8"
warning Resolution field "nightwatch#semver@7.5.4" is incompatible with requested version "nightwatch#semver@7.3.5"
  • Comment 5 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom catch

    I think we can ignore the warnings, they might be pre-existing. Should open a follow up to try to clean this up though.

  • Comment 5 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States xjm

    FWIW I got the Nightwatch warning in #25 on HEAD when I was prepping for the live commit at Singapore. Asked @larowlan about it and he suggested ignoring that at the time.

  • Comment 5 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States xjm
  • Comment 5 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States xjm

    Tagging for the Nightwatch warning followup and adding it to the IS.

  • First commit to issue fork.
  • Comment 4 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom longwave UK

    I think the warnings are safe to ignore.

    I fixed the errors by removing the two sets of acorn data from yarn.lock and rerunning yarn install which has deduplicated them correctly and yarn check now has warnings but no errors:

    $ yarn check -s
warning "backbone#underscore@>=1.8.3" could be deduped from "1.13.7" to "underscore@1.13.7"
warning Resolution field "ejs@3.1.10" is incompatible with requested version "nightwatch#ejs@3.1.8"
warning Resolution field "nightwatch#semver@7.5.4" is incompatible with requested version "nightwatch#semver@7.3.5"
warning "stylelint#debug@^4.3.7" could be deduped from "4.4.0" to "debug@4.4.0"
warning "eslint#@humanwhocodes/config-array#debug@^4.3.1" could be deduped from "4.4.0" to "debug@4.4.0"

    I can further fix the debug and underscore warnings by removing those from the lockfile and running yarn install again. This just leaves:

    $ yarn check -s
warning Resolution field "ejs@3.1.10" is incompatible with requested version "nightwatch#ejs@3.1.8"
warning Resolution field "nightwatch#semver@7.5.4" is incompatible with requested version "nightwatch#semver@7.3.5"
  • Pipeline finished with Success
    4 days ago
    Total: 857s
    #371437
  • Comment 4 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom catch

    That makes sense with the Nightwatch mis-match, good to narrow everything down. Let's get this in.

  • Comment 4 days ago β†’
    System Message
    • nod_ β†’ committed 70106c6d on 10.4.x 
      Issue #3493146 by spokje, longwave, catch, quietone, smustgrave: Update...
  • Comment 4 days ago β†’
    System Message
    • nod_ β†’ committed fa78bb36 on 10.5.x 
      Issue #3493146 by spokje, longwave, catch, quietone, smustgrave: Update...
  • Comment 4 days ago β†’
    πŸ‡«πŸ‡·France nod_ Lille
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024