WordPress.org

Make WordPress Core

Opened 10 months ago

Closed 9 months ago

#46039 closed task (blessed) (fixed)

Update package.json

Reported by: azaozz Owned by: pento
Milestone: 5.1 Priority: normal
Severity: normal Version: 5.1
Component: Build/Test Tools Keywords: has-patch
Focuses: Cc:
PR Number:

Description

While working on #45645 had to (re)generate package.json and package-lock.json (on a Mac) and noticed quite a few packages and dependencies were updated. Also a lot of "optional": true, were added.

Not sure how critical that may be but would probably be better to use the newer packages.

Attachments (3)

46039.diff (146.2 KB) - added by azaozz 10 months ago.
46039.1.diff (144.9 KB) - added by wpscholar 9 months ago.
Ran npm update. Sets specific versions in package.json file.
46039.2.diff (151.9 KB) - added by wpscholar 9 months ago.
Explicitly match versions to what is in Gutenberg package-lock.json file. Note: Gutenberg is on underscore version 1.4.4 whereas WordPress is already running version 1.8.3. Also, whatwg-fetch in Gutenberg is at version 2.0.4 and WordPress is already running version 3.0.0. The version for moment in the package.json file appears to be downgraded, but it brings it in sync with the existing version already installed in both WordPress and Gutenberg.

Download all attachments as: .zip

Change History (12)

@azaozz
10 months ago

#1 @azaozz
10 months ago

In 46039.diff: updated (auto-generated) package.json and package-lock.json.

#2 @gziolo
10 months ago

https://github.com/WordPress/gutenberg/blob/master/packages/element/package.json#L27-L28

Gutenberg is still on React 16.6.x - it's probably fine to bump to 16.7, however it wasn't tested this way. I would suggest staying at whatever is in the lock file of g-master branch. I can double check tomorrow.

#3 @desrosj
10 months ago

  • Keywords has-patch added
  • Type changed from defect (bug) to task (blessed)
  • Version set to trunk

I am going to make this a task so that it can be explored after beta 2. I agree that package versions should stay in sync with those upstream in Gutenberg, though.

#4 @gziolo
10 months ago

In general, we should stop using ranges for dependencies listed in the main package.json file to limit the number of packages updated in the lock file whenever any change gets applied. This should bring more stability to the whole process.

We should also closely align with Gutenberg for vendor packages which are provided in PHP files. See:

https://github.com/WordPress/gutenberg/blob/master/lib/client-assets.php#L586-L633

All the versions used there should match in WordPress core:

  • @babel/polyfill
  • lodash
  • moment
  • react
  • reac-dom

and other polyfills

This ticket was mentioned in Slack in #core-js by desrosj. View the logs.


10 months ago

#6 @wpscholar
9 months ago

Running npm outdated after running npm install on a fresh checkout of master:

https://i.ibb.co/yWPYrtb/before.png

Running npm outdated after running npm update:

https://i.ibb.co/m5cfyH6/after.png

This brings most things up-to-date without a significant risk of breakage.

I didn't scan through every single package.json file in every package in the Gutenberg repo, but with some spot checking, I think the versions we end up with on update match what Gutenberg is expecting.

Does anyone see something that shouldn't be updated? Or that wasn't updated and should be?

Last edited 9 months ago by wpscholar (previous) (diff)

@wpscholar
9 months ago

Ran npm update. Sets specific versions in package.json file.

#7 @wpscholar
9 months ago

Sorry, just realized that the reason I didn't see a specific React version in the Gutenberg package-lock.json file is because the entire file can't be loaded in the browser on GitHub. Closer inspection does reveal that we are at exactly version 16.6.3 of React. Updated patch to come shortly with closer cross-checking of package-lock.json file on my local instead of in the browser. ;)

@wpscholar
9 months ago

Explicitly match versions to what is in Gutenberg package-lock.json file. Note: Gutenberg is on underscore version 1.4.4 whereas WordPress is already running version 1.8.3. Also, whatwg-fetch in Gutenberg is at version 2.0.4 and WordPress is already running version 3.0.0. The version for moment in the package.json file appears to be downgraded, but it brings it in sync with the existing version already installed in both WordPress and Gutenberg.

#8 @pento
9 months ago

  • Owner set to pento
  • Status changed from new to assigned

#9 @pento
9 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 44728:

Build: Update package.json dependencies to match Gutenberg.

Props wpscholar, azaozz, gziolo.
Fixes #46039.

Note: See TracTickets for help on using tickets.