remove tar and nanoid #12014
remove tar and nanoid #12014
Conversation
JonHolman
requested review from
BearHanded,
braxex,
jessabean and
karla-vm
as code owners
|
Code Climate has analyzed commit 0b936c8 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (90% is the threshold). This pull request will bring the total coverage in the repository to 96.7% (0.0% change). View more on Code Climate. |
| @@ -3854,11 +3854,6 @@ nanoid@^3.3.7: | |||
| resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.7.tgz#d0c301a691bc8d54efa0a2226ccf3fe2fd656bd8" | |||
| integrity sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g== | |||
|
|
|||
| nanoid@^3.3.8: | |||
There was a problem hiding this comment.
Looks like nanoid is a transitive dependency that bubbles up eventually to the serverless-bundle package. The entry right above for nanoid^3.3.7 could be upgraded 3.3.8.
| @@ -13882,18 +13882,6 @@ tar@^6.1.15: | |||
| mkdirp "^1.0.3" | |||
| yallist "^4.0.0" | |||
|
|
|||
| tar@^6.2.1: | |||
There was a problem hiding this comment.
This is a transitive dependency of serverless. The entry above for tar@^6.1.15 can be upgraded to 6.2.1.
There was a problem hiding this comment.
@bangbay-bluetiger since its not used directly by our code, we don't need it in our package.json though, right? I'm sure there are many other dependencies that this applies to as well, that are not in our package.json.
There was a problem hiding this comment.
No, it doesn't need to be put in package.json. I put some additional comments in #12013 about updating just the lock file versions.
| @@ -601,11 +601,6 @@ nanoid@^3.3.6: | |||
| resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.6.tgz#443380c856d6e9f9824267d960b4236ad583ea4c" | |||
| integrity sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA== | |||
|
|
|||
| nanoid@^3.3.8: | |||
There was a problem hiding this comment.
nanoid@^3.3.6 above can be upgraded to 3.3.8.
Description
Remove tar and nanoid dependencies
Related ticket(s)
n/a
How to test
Open deployed environment and confirm application is still working as expected:
https://d1815t2zyr7le0.cloudfront.net/
Notes
Pre-review checklist
Pre-merge checklist
Review
Security
If either of the following are true, notify the team's ISSO (Information System Security Officer).
convert to a different template: test → val | val → prod