Edit-Flow icon indicating copy to clipboard operation
Edit-Flow copied to clipboard
verified publisher icon Automattic

Upgrade npm packages to their latest versions

Open htdat opened this issue 4 years ago • 0 comments

From this comment https://github.com/Automattic/Edit-Flow/pull/659#issuecomment-860532572

Reasoning

We tried a recent round of updating npm packages in https://github.com/Automattic/Edit-Flow/pull/645

However, https://github.com/Automattic/Edit-Flow/pull/645 was only to update package versions that satisfy what is mentioned in package.json. That is, ^4.0.2 means npm update will only look for versions between 4.0.2 and any newer version with this format 4.x.x.

Some of packages become out-of-date very soon, for example, @wordpress/scripts(code ref) is using ^7.2.0 while its latest version is 16.1.2 (npmjs link).

@nielslange somewhat mentioned this here https://github.com/Automattic/Edit-Flow/pull/645#pullrequestreview-672889493

How to do

npm does not support this by default. Instead, we need to use another package to do that. I tried this guide https://flaviocopes.com/update-npm-dependencies/

  • Install ncu https://www.npmjs.com/package/npm-check-updates
  • ncu -u
  • npm install
  • npm audit fix

Here is the PR and its tests (I used my repo to avoid dumping so many GitHub Actions to our main repo here):

  • https://github.com/htdat/Edit-Flow/commit/dabdc713a7adeb0ba27d422038731c25d3db3105
  • https://github.com/htdat/Edit-Flow/runs/2790243683?check_suite_focus=true

htdat avatar Jun 15 '21 04:06 htdat