Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
Problem/Motivation
Follow-up to #2859663: Ignore core/node_modules. Should we recommend using yarn and should we check in the yarn.lock file?
Steps to create the yarn.lock file:
- Install yarn
- cd /core
- "yarn install"
Proposed resolution
Check in the resulting yarn.lock file so all javascript developers work of the same version of dependencies.
Remaining tasks
User interface changes
None
API changes
None
Data model changes
None
Comment | File | Size | Author |
---|---|---|---|
#4 | 2861497-11996860-check-in-yarn-lock-file.patch | 72.21 KB | natete |
Comments
Comment #2
natete CreditAttribution: natete commentedComment #3
natete CreditAttribution: natete commentedI'll be trying to work on it
Comment #4
natete CreditAttribution: natete at La Drupalera by Emergya commentedAdding Organization
Comment #5
natete CreditAttribution: natete commentedI totally agree, yarn is a huge improvement over plain npm and yarn.lock prevents problems with different versions of the libraries.
Comment #6
agomezmoron CreditAttribution: agomezmoron at La Drupalera by Emergya commentedI think it can be closed.
Comment #7
HazaComment #8
HazaTo manually check the yarn.lock file, I also followed the steps and generated my own yarn.lock and then performed a md5sum against the one in the patch in #4. They are the same.
I'm not sure if anything still needs to be done (documentation maybe ?), otherwise, I think we could RTBC this one.
Comment #9
agomezmoron CreditAttribution: agomezmoron at La Drupalera by Emergya commentedHi, I think it is enough because it is like a "yarn basic".
Thanks!
Comment #10
natete CreditAttribution: natete at La Drupalera by Emergya commentedComment #11
agomezmoron CreditAttribution: agomezmoron at La Drupalera by Emergya commentedComment #12
droplet CreditAttribution: droplet commentedcommitter should do it himself/herself once and checksum :)
It's too early to add it in my view (as JS Maintainer also). We haven't done any meaningful ES6 stuff to CORE. The JS tools are useless at the moment. When we started ES6, the packages are outdated. I think we will update these packages once before the first ES6 patch.
@natete is finished his job. Unassigned it :)
Comment #13
droplet CreditAttribution: droplet commentedduring the time, we could discuss where & how to document it.
Comment #14
alexpottLet's go with @droplet's point here and postpone this issue on actually using the build process.
Comment #17
martin107 CreditAttribution: martin107 as a volunteer commentedin the proposed section of the issue summary
Well that ship has sailed as we have commited a yarn.lock
I think we are in a maintenance phase, where we need to ensure we are keeping up with tool upgrades
in short run
a) yarn outdated,
b) get all packages up to date.
c) rebuild out javascript
d) in patch review get into the messy business of analysing how things are going to break given those changes.
I think this issue could be closed and a second maintenance issue created?
For example here is step a
yarn outdated
Comment #18
martin107 CreditAttribution: martin107 as a volunteer commentedComment #19
alexpott@martin107 you're right. We added the lock file in #2815077: Adopt airbnb javascript style guide v14.1 as new baseline javascript coding standards for Drupal 8 core and contrib so we should close this issue and open a new issue to update outdated dependencies.
Comment #20
martin107 CreditAttribution: martin107 as a volunteer commentedOk