Debloat #32
Debloat #32
Conversation
broughtonkkornl
requested review from
camposeddie,
DavisGauntUAH and
ckd002
as code owners
|
Locally snyk gives me this: Testing /home/5kb/git/edpub/earthdata-pub-dashboard... Organization: broughtonkkornl-87Cv7soFuvHYUu4XqGFmVJ ✔ Tested 403 dependencies for known issues, no vulnerable paths found. Next steps:
So I'm not sure what this is about. Maybe needs a new package-lock first? |
To fix this push with the package-lock file included. |
Description
Applied lib updates and changes to some code for same. I had gone through and updated or removed unused or outdated libraries that had warnings, vulnerabilites or were deprecated. I did this months ago and did one lib at a time to ensure no breakage from on the frontend. This was awhile back, but I did not want to loose the updates. It is unknown if there are certain libs that are only being used on the server and will need extra eyes to figure that bit out.
Added:
vm: require.resolve('vm-browserify') to webpack common so no breakage on clean build.
Removed:
"browser-env": "^3.3.0",
"precss": "^4.0.0",
"cssnano": "^5.0.9",
"react-flow-renderer": "^10.3.17", (added "reactflow": "^11.8.3", to replace)
"sanitize-html": "^2.7.0", (never ended up using)
"sanitize-html-react": "^1.13.0", (never ended up using)
"shortid": "^2.2.6" (nanoid replaced)
Updated:
"sinon": "^16.1.1",
"css-loader": "^6.5.1",
I do not know how useful these are so I don't know if we need them. Removing them removes css warnings and the program works fine without them (short change to webpack.common required.)
"postcss": "^8.3.11",
"postcss-loader": "^6.2.1",
From my old notes, I suspect the following can be removed but did not want to make too many changes at once and these did not raise any warnings anymore:
"autoprefixer": "^10.4.0",
"hash-wasm": "4.9.0",
"ace-builds": "^1.15.2",
Remaining warnings after:
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated request-promise@2.0.1: request-promise has been deprecated because it extends the now deprecated request package, see request/request#3142
npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin.
npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead
npm WARN deprecated request@2.88.2: request has been deprecated, see request/request#3142
Warnings before:
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated flatten@1.0.3: flatten is deprecated in favor of utility frameworks such as lodash.
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see request/request#3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated precss@4.0.0: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated domexception@1.0.1: Use your platform's native DOMException instead
npm WARN deprecated request-promise@2.0.1: request-promise has been deprecated because it extends the now deprecated request package, see request/request#3142
npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin.
npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead
npm WARN deprecated shortid@2.2.16: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see request/request#3142
npm WARN deprecated sinon@12.0.1: 16.1.1
npm WARN deprecated react-flow-renderer@10.3.17: react-flow-renderer has been renamed to reactflow, please use this package from now on https://reactflow.dev/docs/guides/migrate-to-v11/
Validation
To Validate
Change Log