Opened 5 years ago
Closed 5 years ago
#46039 closed task (blessed) (fixed)
Update package.json
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 5.1 | Priority: | normal |
| Severity: | normal | Version: | 5.1 |
| Component: | Build/Test Tools | Keywords: | has-patch |
| Focuses: | Cc: |
Description
While working on #45645 had to (re)generate package.json and package-lock.json (on a Mac) and noticed quite a few packages and dependencies were updated. Also a lot of "optional": true, were added.
Not sure how critical that may be but would probably be better to use the newer packages.
Attachments (3)
Change History (12)
#2
@
5 years ago
https://github.com/WordPress/gutenberg/blob/master/packages/element/package.json#L27-L28
Gutenberg is still on React 16.6.x - it's probably fine to bump to 16.7, however it wasn't tested this way. I would suggest staying at whatever is in the lock file of g-master branch. I can double check tomorrow.
#3
@
5 years ago
- Keywords has-patch added
- Type changed from defect (bug) to task (blessed)
- Version set to trunk
I am going to make this a task so that it can be explored after beta 2. I agree that package versions should stay in sync with those upstream in Gutenberg, though.
#4
@
5 years ago
In general, we should stop using ranges for dependencies listed in the main package.json file to limit the number of packages updated in the lock file whenever any change gets applied. This should bring more stability to the whole process.
We should also closely align with Gutenberg for vendor packages which are provided in PHP files. See:
https://github.com/WordPress/gutenberg/blob/master/lib/client-assets.php#L586-L633
All the versions used there should match in WordPress core:
- @babel/polyfill
- lodash
- moment
- react
- reac-dom
and other polyfills
This ticket was mentioned in Slack in #core-js by desrosj. View the logs.
5 years ago
#6
@
5 years ago
Running npm outdated after running npm install on a fresh checkout of master:
Running npm outdated after running npm update:
This brings most things up-to-date without a significant risk of breakage.
I didn't scan through every single package.json file in every package in the Gutenberg repo, but with some spot checking, I think the versions we end up with on update match what Gutenberg is expecting.
Does anyone see something that shouldn't be updated? Or that wasn't updated and should be?
#7
@
5 years ago
Sorry, just realized that the reason I didn't see a specific React version in the Gutenberg package-lock.json file is because the entire file can't be loaded in the browser on GitHub. Closer inspection does reveal that we are at exactly version 16.6.3 of React. Updated patch to come shortly with closer cross-checking of package-lock.json file on my local instead of in the browser. ;)
@
5 years ago
Explicitly match versions to what is in Gutenberg package-lock.json file. Note: Gutenberg is on underscore version 1.4.4 whereas WordPress is already running version 1.8.3. Also, whatwg-fetch in Gutenberg is at version 2.0.4 and WordPress is already running version 3.0.0. The version for moment in the package.json file appears to be downgraded, but it brings it in sync with the existing version already installed in both WordPress and Gutenberg.
In 46039.diff: updated (auto-generated) package.json and package-lock.json.