Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: rebuild package-lock #6143

Merged
merged 1 commit into from
Feb 7, 2023
Merged

deps: rebuild package-lock #6143

merged 1 commit into from
Feb 7, 2023

Conversation

wraithgar
Copy link
Member

@wraithgar wraithgar commented Feb 7, 2023
edited
Loading

This is a total rebuild of the package-lock. The diff of the
package-lock was audited line by line and changes were assessed. In all
but one case the only changes were semver-compatible bumps of
subdependencies, and a shuffling of the hoisting of some dev
dependencies (which don't affect the published package).

The only package that had to be manually re-hoisted was
normalize-package-data. This was done by installing then uninstalling
the version we wanted hoisted (in this case it was semver major version
5).

@wraithgar wraithgar requested a review from a team as a code owner February 7, 2023 19:10
@wraithgar wraithgar requested review from fritzy and removed request for a team February 7, 2023 19:10
lukekarrys
lukekarrys suggested changes Feb 7, 2023
View reviewed changes
Copy link
Contributor

@lukekarrys lukekarrys left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changed files in workspaces/arborist/test/fixtures/ were moved in 4c5bd6e and probably got re-added in this PR. Can those be removed?

@wraithgar
deps: rebuild package-lock
484c606 
This is a total rebuild of the package-lock.  The diff of the
package-lock was audited line by line and changes were assessed.  In all
but one case the only changes were semver-compatible bumps of
subdependencies, and a shuffling of the hoisting of some dev
dependencies (which don't affect the published package).

The only package that had to be manually re-hoisted was
`normalize-package-data`.  This was done by installing then uninstalling
the version we wanted hoisted (in this case it was semver major version
5).
@lukekarrys lukekarrys merged commit cb6713d into latest Feb 7, 2023
@lukekarrys lukekarrys deleted the gar/lock-test branch February 7, 2023 19:41
@github-actions github-actions bot mentioned this pull request Feb 7, 2023
Merged
@npm-cli-bot npm-cli-bot mentioned this pull request Feb 7, 2023
Closed
@npm-cli-bot npm-cli-bot mentioned this pull request Feb 15, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukekarrys lukekarrys lukekarrys approved these changes

@fritzy fritzy Awaiting requested review from fritzy fritzy is a code owner automatically assigned from npm/cli-team

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wraithgar @lukekarrys