Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clean up peer dependency warnings and latest audit #148

Merged
merged 6 commits into from
Jun 27, 2022
Merged

Clean up peer dependency warnings and latest audit #148

merged 6 commits into from
Jun 27, 2022

Conversation

CobyPear
Copy link
Member

@CobyPear CobyPear commented Jun 17, 2022
edited
Loading

What changes were made?

Our audit script has been failing since the override that was being added does not exist. Until dicer or Gatsby which is the only of dicer that we have we will continue using 0.2.5. See mscdex/dicer#22 for more info on the dicer update.

Other changes made:

  • Removed peer dependencies from any package.json that had them and added any necessary dependencies as suggested by pnpm
  • Ignored any peer dependencies not needed. There is one warning remaining that I could not figure out how to ignore.
  • Pin react & react-dom to 17.0.2 until we decide to upgrade to v18
  • Fix Rollup warnings on build of the packages
  • Add some overrides from pnpm audit --fix that were not being applied in CI due to the dicer version

Where were the changes made?

pretty much everywhere, but there should be no breaking changes from this.

How have the changes been tested?

Tested every starter locally.
Tested every package locally.

Additional information

This should lead to less scary output from the terminal when setting up the monorepo for the first time.
Note: Keep an eye on dicer and update the override when the new version is released. Our CI script may do this for us, but since we already have an override I'm not certian.

Also there are some deprecated packages still in use, most of them by our docs aka web workspace, but there are some coming from gatsby which I would love to fix at some point!
Don't forget to add a changeset if needed!

@CobyPear
Resolve rollup warnings on package build
adc4012
@CobyPear
Clean up peer dependency warnings
7f39447 
- Add relevant peer dependencies
- Ignore irrelevant peer dependency warnings
- Add pnpm audit --fix manually to fix failing CI since
there is not yet a new version for dicer, use the current version.
- Clean up tailwind warnings from gatsby-wordpress-starter
@CobyPear
Merge branch 'canary' of github.com:CobyPear/decoupled-kit-js into de…
ec24a84 
…pendency-management
@CobyPear CobyPear added security dependencies Dependency management labels Jun 17, 2022
@changeset-bot
Copy link

changeset-bot bot commented Jun 17, 2022
edited
Loading

⚠️ No Changeset found

Latest commit: 7956842

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@CobyPear CobyPear marked this pull request as draft June 18, 2022 13:04
@CobyPear CobyPear marked this pull request as ready for review June 27, 2022 13:00
@backlineint backlineint merged commit 8e2da74 into pantheon-systems:canary Jun 27, 2022
@CobyPear CobyPear deleted the dependency-management branch June 27, 2022 14:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@backlineint backlineint backlineint approved these changes

Assignees
No one assigned
Labels
dependencies Dependency management security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@CobyPear @backlineint