[Bug 39151] New: xt/verify-yarnlock.t creates a lot of warnings
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Bug ID: 39151 Summary: xt/verify-yarnlock.t creates a lot of warnings Change sponsored?: --- Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Test Suite Assignee: chris@bigballofwax.co.nz Reporter: katrin.fischer@bsz-bw.de QA Contact: testopia@bugs.koha-community.org Depends on: 38664 xt/verify-yarnlock.t ............. warning "@babel/code-frame##js-tokens@^4.0.0" could be deduped from "4.0.0" to "js-tokens@4.0.0" warning "@babel/code-frame##picocolors@^1.0.0" could be deduped from "1.0.0" to "picocolors@1.0.0" warning "@babel/parser##@babel/types@^7.26.8" could be deduped from "7.26.8" to "@babel/types@7.26.8" warning "@jridgewell/gen-mapping##@jridgewell/set-array@^1.2.1" could be deduped from "1.2.1" to "@jridgewell/set-array@1.2.1" warning "@jridgewell/gen-mapping##@jridgewell/sourcemap-codec@^1.4.10" could be deduped from "1.4.14" to "@jridgewell/sourcemap-codec@1.4.14" warning "@jridgewell/gen-mapping##@jridgewell/trace-mapping@^0.3.24" could be deduped from "0.3.25" to "@jridgewell/trace-mapping@0.3.25" warning "@jridgewell/trace-mapping##@jridgewell/resolve-uri@^3.1.0" could be deduped from "3.1.2" to "@jridgewell/resolve-uri@3.1.2" warning "@types/express##@types/body-parser@*" could be deduped from "1.19.2" to "@types/body-parser@1.19.2" warning "@types/express##@types/express-serve-static-core@^4.17.18" could be deduped from "4.17.31" to "@types/express-serve-static-core@4.17.31" warning "@types/express##@types/qs@*" could be deduped from "6.9.7" to "@types/qs@6.9.7" warning "@types/express##@types/serve-static@*" could be deduped from "1.15.0" to "@types/serve-static@1.15.0" warning "@types/express-serve-static-core##@types/node@*" could be deduped from "18.11.2" to "@types/node@18.11.2" warning "@types/express-serve-static-core##@types/qs@*" could be deduped from "6.9.7" to "@types/qs@6.9.7" warning "@types/express-serve-static-core##@types/range-parser@*" could be deduped from "1.2.4" to "@types/range-parser@1.2.4" warning "@types/serve-static##@types/mime@*" could be deduped from "3.0.1" to "@types/mime@3.0.1" warning "@types/serve-static##@types/node@*" could be deduped from "18.11.2" to "@types/node@18.11.2" warning "ajv##fast-deep-equal@^3.1.1" could be deduped from "3.1.3" to "fast-deep-equal@3.1.3" warning "ajv##fast-json-stable-stringify@^2.0.0" could be deduped from "2.1.0" to "fast-json-stable-stringify@2.1.0" ... Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38664 [Bug 38664] Tidy the whole codebase -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |jonathan.druart@gmail.com Resolution|--- |MOVED --- Comment #1 from Jonathan Druart <jonathan.druart@gmail.com> --- This is reported already. https://gitlab.com/koha-community/prettier-plugin-template-toolkit/-/issues/... -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|MOVED |--- Status|RESOLVED |REOPENED --- Comment #2 from Jonathan Druart <jonathan.druart@gmail.com> --- (In reply to Jonathan Druart from comment #1)
This is reported already.
https://gitlab.com/koha-community/prettier-plugin-template-toolkit/-/issues/...
Sorry, those are different. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEW -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 --- Comment #3 from Jonathan Druart <jonathan.druart@gmail.com> --- I have found https://github.com/yarnpkg/yarn/issues/7568 That points to https://stackoverflow.com/questions/41789887/dont-understand-yarn-check-warn... Which suggests to remove yarn.lock and try again. It works (ie. yarn check does not show the "dedupe" warnings) but the yarn install show other warnings: root@kohadevbox:koha$ yarn install --modules-folder /kohadevbox/node_modules yarn install v1.22.22 info No lockfile found. [1/4] Resolving packages... warning @redocly/cli > glob@7.2.3: Glob versions prior to v9 are no longer supported warning @redocly/cli > glob > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. warning cypress > @cypress/request > qs@6.10.5: when using stringify with arrayFormat comma, `[]` is appended on single-item arrays. Upgrade to v6.11.0 or downgrade to v6.10.4 to fix. warning gulp > glob-watcher > chokidar > fsevents@1.2.13: Upgrade to fsevents v2 to mitigate potential security issues warning gulp > vinyl-fs > glob-stream > glob@7.2.3: Glob versions prior to v9 are no longer supported warning gulp > glob-watcher > chokidar > braces > snapdragon > source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated warning gulp > vinyl-fs > glob-stream > unique-stream > through2-filter@3.1.0: this package has been deprecated for breaking semver major warning gulp > glob-watcher > chokidar > braces > snapdragon > source-map-resolve > resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated warning gulp > glob-watcher > chokidar > braces > snapdragon > source-map-resolve > source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated warning gulp > glob-watcher > chokidar > braces > snapdragon > source-map-resolve > urix@0.1.0: Please see https://github.com/lydell/urix#deprecated warning gulp-autoprefixer > autoprefixer > browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools. warning gulp-exec > lodash.template@4.5.0: This package is deprecated. Use https://socket.dev/npm/package/eta instead. warning gulp-sourcemaps > css > source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated warning gulp-sourcemaps > css > urix@0.1.0: Please see https://github.com/lydell/urix#deprecated warning @koha-community/prettier-plugin-template-toolkit > glob@7.2.3: Glob versions prior to v9 are no longer supported warning @koha-community/prettier-plugin-template-toolkit > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. warning @koha-community/prettier-plugin-template-toolkit > jest-config > glob@7.2.3: Glob versions prior to v9 are no longer supported warning @koha-community/prettier-plugin-template-toolkit > jest-runtime > glob@7.2.3: Glob versions prior to v9 are no longer supported warning @koha-community/prettier-plugin-template-toolkit > test-exclude > glob@7.2.3: Glob versions prior to v9 are no longer supported warning @koha-community/prettier-plugin-template-toolkit > jest-cli > @jest/core > @jest/reporters > glob@7.2.3: Glob versions prior to v9 are no longer supported warning browserify > glob@7.2.3: Glob versions prior to v9 are no longer supported warning clean-webpack-plugin > del > rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported warning clean-webpack-plugin > del > rimraf > glob@7.2.3: Glob versions prior to v9 are no longer supported warning clean-webpack-plugin > del > globby > glob@7.2.3: Glob versions prior to v9 are no longer supported warning stylelint > file-entry-cache > flat-cache > rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported warning stylelint > file-entry-cache > flat-cache > rimraf > glob@7.2.3: Glob versions prior to v9 are no longer supported warning swagger-cli > @apidevtools/swagger-cli@4.0.4: This package has been abandoned. Please switch to using the actively maintained @redocly/cli warning webpack-dev-server > rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported warning webpack-dev-server > webpack-dev-middleware > memfs@3.6.0: this will be v4 [2/4] Fetching packages... [3/4] Linking dependencies... warning "@redocly/cli > @redocly/respect-core > better-ajv-errors@1.2.0" has unmet peer dependency "ajv@4.11.8 - 8". warning " > datatables.net-vue3@2.1.3" has unmet peer dependency "datatables.net@^1.13.1". warning " > datatables.net-vue3@2.1.3" has unmet peer dependency "jquery@^3.6.0". warning "swagger-cli > @apidevtools/swagger-cli > @apidevtools/swagger-parser@10.1.1" has unmet peer dependency "openapi-types@>=7". [4/4] Building fresh packages... success Saved lockfile. Done in 60.82s. I don't think this is caused by bug 38664. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |paul.derscheid@lmscloud.de -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Should we remove dependency? And is there something I can do on my end? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 --- Comment #5 from Paul Derscheid <paul.derscheid@lmscloud.de> --- Newer: I found that usage of `yarn check` is discouraged and has better alternatives. Might be worth a try. https://classic.yarnpkg.com/lang/en/docs/cli/check/ I think the below still applies, though: Wrote this first: Can we formalize this a bit more? We need to regularly update npm packages when they become outdated and should then rebuild the lockfile and run CI on it. For the warnings generated in comment #3, this can't really be avoided. A lot of the libraries we use, use outdated dependencies and there's really nothing we can do about that except to hope for upstream dependency updates. We could also fix the warnings about missing peer dependencies by moving the packages which are currently untracked by package.json into node_modules if applicable and silence warnings (but maybe not a good idea) about peer-dependencies that we don't use and therefore don't want. But then we'd need to update a lot of things, not sure whether this is going to resonate well right now :D But I think w/ Vue and so on, we should really put a process for managing js dependencies in place, or rather formalize and improve the process we currently have. --- Just another example, yesterday I looked into the changelog for rspack and noticed that there were some very nice improvements regarding bundle size and bundling speed. I then wondered what the best way to introduce that singular dependency update on bz was. And I nor anyone else should have to wonder about that. No criticism, just an observation :) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39151 Bug 39151 depends on bug 38664, which changed state. Bug 38664 Summary: Tidy the whole codebase https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38664 What |Removed |Added ---------------------------------------------------------------------------- Status|Needs documenting |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org