Make WordPress Core

Opened 11 months ago

Closed 8 months ago

Last modified 7 months ago

#58863 closed task (blessed) (fixed)

Update/Audit NPM Dependencies for 6.4

Reported by: desrosj's profile desrosj Owned by: desrosj's profile desrosj
Milestone: 6.4 Priority: normal
Severity: normal Version:
Component: Build/Test Tools Keywords: has-patch
Focuses: Cc:

Description

Previously:

Attachments (2)

58863.diff (385 bytes) - added by Hareesh Pillai 11 months ago.
cssnano updated
58863.2.diff (3.0 KB) - added by rajinsharwar 10 months ago.
Updating framer-motion and @emotion/is-prop-valid

Download all attachments as: .zip

Change History (17)

#1 @desrosj
11 months ago

  • Type changed from defect (bug) to task (blessed)

To carry over a few unaddressed items from #57657:

This pull request updates a few dependencies, but some overlap preexisting tickets such as #56731 for imagesloaded.

cssnano is also out of date, and several updates are blocked by raising the minimum version of NodeJS to >= 16.0. This will be addressed in #56658.

Props to @tanjimtc71 and @hareesh-pillai for calling these out.

Last edited 11 months ago by Hareesh Pillai (previous) (diff)

@Hareesh Pillai
11 months ago

cssnano updated

@rajinsharwar
10 months ago

Updating framer-motion and @emotion/is-prop-valid

#3 @desrosj
10 months ago

In 56390:

Build/Test Tools: Update all build tool related dependencies.

This updates the following dependencies to their latest versions:

  • chalk
  • cssnano
  • dotenv
  • grunt-contrib-cssmin
  • grunt-contrib-qunit
  • grunt-webpack
  • jest-image-snapshot
  • postcss
  • sass
  • sinon
  • webpack

Additionally, npm audit fix has been run to automatically fix as many issues as possible.

See #58863.

#4 @desrosj
9 months ago

In 56533:

Bundled Themes: Update npm dependencies for Twenty Nineteen and Twenty Twenty.

This updates the npm dependencies for Twenty Nineteen and Twenty Twenty to their latest versions. This also includes the results of running npm audit fix.

There are no changes in any built files as a result.

See #58863.

This ticket was mentioned in PR #5264 on WordPress/wordpress-develop by @desrosj.


8 months ago
#5

  • Keywords has-patch added

This includes Webpack and React related updates to accompany WordPress/Gutenberg#54657.

Trac ticket: https://core.trac.wordpress.org/ticket/58863

#6 @desrosj
8 months ago

  • Owner set to desrosj
  • Resolution set to fixed
  • Status changed from new to closed

In 56647:

Build/Test Tools: Update build related dependencies to their latest versions.

This updates the following npm dependencies:

  • autoprefixer to version 10.4.16.
  • grunt-contrib-qunit to version 8.0.1.
  • postcss to version 8.4.30.
  • react-refresh to version 0.14.0.
  • sass to version 1.68.0.
  • sinon to version 16.0.0.
  • uuid to version 9.0.1.
  • tslib to version 2.6.2.

This change accompanies a similar one in the Gutenberg repository: https://github.com/WordPress/gutenberg/pull/54657.

Props gziolo, desrosj.
Fixes #58863.

#7 @desrosj
8 months ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

@rajinsharwar Sorry, I missed your patch above for framer-motion and @emotion/is-prop-valid.

I just opened an upstream issue on GitHub to update framer-motion in Gutenberg first to ensure there are no issues. @emotion/is-prop-valid also should be investigated there first.

Running npm list @emotion/is-prop-valid results in this:

├── @emotion/is-prop-valid@0.8.8
├─┬ @wordpress/block-editor@12.3.14
│ └─┬ @emotion/styled@11.10.6
│   └── @emotion/is-prop-valid@1.2.1
└─┬ framer-motion@10.11.6
  └── @emotion/is-prop-valid@0.8.8 d

I'm not that it's necessary to include this as a direct dependency.

This ticket was mentioned in PR #5273 on WordPress/wordpress-develop by @desrosj.


8 months ago
#9

Since version 20.0.0, puppeteer uses Chrome instead of Chromium for testing. The PUPPETEER_SKIP_CHROMIUM_DOWNLOAD environment variable was removed in favor of PUPPETEER_SKIP_DOWNLOAD.

puppeteer is a peer dependency of grunt-contrib-qunit, which was updated in [56647].

This changes PUPPETEER_SKIP_CHROMIUM_DOWNLOAD to PUPPETEER_SKIP_DOWNLOAD in order to restore the previous behavior of not downloading the desired binary in workflows where it's not required.

Trac ticket: https://core.trac.wordpress.org/ticket/58863

#10 @desrosj
8 months ago

In 56659:

Build/Test Tools: Update the environment variable for skipping browser binaries.

This changes the environment variable used in GitHub Action workflows to skip downloading the browser binary that’s a peer dependency when it’s not needed.

In [56647], the version of puppeteer peer-dependency was bumped to >= 20.0.0. Starting in version 20.0.0, puppeteer switched to using Chrome for testing instead of Chromium. With this release, the PUPPETEER_SKIP_CHROMIUM_DOWNLOAD environment variable was removed in favor of the more generic PUPPETEER_SKIP_DOWNLOAD.

All workflows that do not need a browser binary now contain the correct PUPPETEER_SKIP_CHROMIUM_DOWNLOAD variable.

Follow up to [56647].

See #58863.

#12 @afercia
8 months ago

I just wanted to note that one of the changes here (I think [56647]) in combination with gutenberg https://github.com/WordPress/gutenberg/pull/52993 suddenly made the gutenberg build fail on my local environment this morning. Very likely, I'm not the only one who faced this issue. For more details, please see this comment: https://github.com/WordPress/gutenberg/pull/52993#issuecomment-1735409085

Contributors may have very different local development environments. Cloning the gutenberg repository inside the core plugins directory is a legitimate way to set up a dev environment, in my opinion. Ideally, changes in core and gutenberg should never break the build process, whatever the development environment is. I do realize managing packages versions across two projects is complicated but I'd really like to see more coordination to avoid a frustrating development experience for many contributors.

#13 @desrosj
8 months ago

In 56944:

Build/Test Tools: Downgrade grunt-contrib-qunit dependency.

grunt-contrib-qunit was upgraded from version 7.0.1 to 8.0.1 in [56647]. However, this update causes a strange failure when running the build script for the Gutenberg plugin when checked out within a wordpress-develop checkout.

This reverts the related change in [56647] and downgrades the dependency back to 7.0.1 until the exact reason for the failure is narrowed down.

Props afercia, kevin940726, antonvlasenko, desrosj.
See #59634, #58863.

#14 @desrosj
8 months ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 56957:

Build/Test Tools: Update build related dependencies.

This updates the following development dependencies to their latest versions:

  • postcss
  • qunit
  • sass
  • webpack

Additionally, npm audit fix has been run.

Fixes #58863.

#15 @desrosj
7 months ago

In 56973:

Build/Test Tools: Skip Puppeteer download in build workflow.

This adds the PUPPETEER_SKIP_DOWNLOAD environment variable to the Build WordPress workflow to skip downloading Puppeteer browser binaries unnecessarily.

Follow up to [56958].

See #59416, #59517, #58863.

Note: See TracTickets for help on using tickets.