Make WordPress Core

Opened 4 months ago

Closed 11 days ago

#59658 closed task (blessed) (fixed)

Update/Audit NPM Dependencies for 6.5

Reported by: desrosj's profile desrosj Owned by:
Milestone: 6.5 Priority: normal
Severity: normal Version:
Component: Build/Test Tools Keywords: has-patch commit
Focuses: Cc:



Change History (17)

#1 @desrosj
3 months ago

In 57122:

Twenty Twenty-One: Update all dependencies.

In preparation for updating Core to use Node.js version 18.x, this updates the dependancies for the Twenty Twenty-One theme to the latest versions. This addresses an unsupported engine warning where packages within the dependency tree did not support Node.js > 16.x.

All changes to built files are included in this commit. These changes are a result of the following:

  • Identical sets of properties for multiple selectors are now consolidated into one.
  • The removal of a duplicate --branding--description--font-family definition.
  • The addition of the postcss-discard-empty dependency, which removes empty CSS rules within IE stylesheets after the previous consolidation is performed.
  • stylelint has only been updated to 14.x (15.x is the latest). This is because @wordpres/stylelint-config currently has a version constraint of ^14.2 and does not properly support 15.x.

The last change of note is the new configuration for the value-keyword-case rule in .stylelint-css.json. This was added as a way to prevent the currentColor from being changed to all lowercase.

Props jorbin, poena.
See #59663, #59658.

#2 @jorbin
2 months ago

In 57217:

Build/Test: Update Grunt Patch Wordpress for Node 20+.

Props jorbin, desrosj.
See #59658, #59663.

#3 @desrosj
3 weeks ago

In 57534:

Build/Test Tools: Update the codecov/codecov-action action.

This updates the codecov/codecov-action from version 3.1.5 to 4.0.1.

Version 4 switches to using the Codecov CLI to upload test report date, and changes the version of Node.js used for the action to 20.x. This fixes the notices currently shown for the test coverage workflow.

Props: mukesh27.
See #59658.

#4 @desrosj
3 weeks ago

In 57536:

Build/Test Tools: Pass a token to the Codecov action.

Version 4 of the action now requires a token to be provided in order to upload coverage results.

Follow up to [57534].

Props swissspidy.
See #59658.

This ticket was mentioned in PR #6090 on WordPress/wordpress-develop by @desrosj.

2 weeks ago

  • Keywords has-patch added

This ticket was mentioned in PR #6092 on WordPress/wordpress-develop by @desrosj.

2 weeks ago

While looking at #6090, I noticed that a few dependencies were out of date, but had no use within the actual code base or build scripts. Looking further, it seems that they are also dependencies for @wordpress block editor related packages. That should make them unnecessary as direct dependencies here.

Trac ticket:

#7 @gziolo
2 weeks ago

  • Keywords commit added

@huzaifaalmesbah commented on PR #6092:

2 weeks ago

Looks good. Thanks for removing unnecessary dependencies.

@desrosj commented on PR #6092:

2 weeks ago

Thanks! This is build tool related, so it can go in after beta 1.

#10 @desrosj
11 days ago

In 57634:

Build/Test Tools: Remove unnecessary direct dependencies.

This removes the @emotion/is-prop-valid, @emotion/memoize, and framer-motion packages as direct dependencies.

These were introduced in [56065], but do not appear to have been integrated into the build process. Instead, these are now installed as peer dependencies to the @wordpress/block-editor and @wordpress/components packages.

Props gziolo, huzaifaalmesbah.
See #59658.

#12 @desrosj
11 days ago

In 57635:

Build/Test Tools: Update several dependencies.

This updates the following dependencies:

  • @pmmmwh/react-refresh-webpack-plugin from 0.5.5 to 0.5.11.
  • autoprefixer from 10.4.16 to 10.4.17.
  • copy-webpack-plugin from 11.0.0 to 12.0.2.
  • cssnano from 6.0.1 to 6.0.3.
  • dotenv from 16.3.1 to 16.4.4.
  • dotenv-expand from 10.0.0 to 11.0.3.
  • postcss from 8.4.31 to 8.4.35.
  • sass from 1.69.3 to 1.70.0.
  • sinon from 16.0.3 to 16.1.3.
  • source-map-loader from 4.0.1 to 5.0.0.
  • terser-webpack-plugin from 5.3.9 to 5.3.10.
  • wait-on from 7.0.1 to 7.2.0.
  • webpack from 5.89.0 to 5.90.2.

Additionally, npm audit fix has been run.

See #59658.

@desrosj commented on PR #6090:

11 days ago

Merged in

#15 @desrosj
11 days ago

In 57636:

Build/Test Tools: Remove more unnecessary direct dependencies.

This removes the is-plain-object, memize, path-to-regexp, and tslib.

These were also introduced in [56065] and have been integrated into the build process. Instead, these are now installed as peer dependencies through the @/wordpress/* packages that actually require them.

Follow up to [57634].

Props swissspidy.
See #59658.

#17 @desrosj
11 days ago

  • Resolution set to fixed
  • Status changed from new to closed

Going to close this one out. If there are more updates needed before release, we can reopen.

Note: See TracTickets for help on using tickets.