Update and pin dependencies #770
Conversation
|
Not sure why it failed. There is a 401 error in the Task log. Tests run fine locally. |
|
I'm asking around about the task log failure. I do have a separate curiosity question: why increase the nodejs version requirement, which presumably stops people still using older versions using an up-to-date version of this library? From a quick web search it seems Node 14 is still supported as LTS (though 12 isn't anymore). |
|
@gijsk Thanks! You're right, 14 is still maintained. I wasn't sure if it works with updated dependencies under 10 anymore and wanted to push people in the direction of a current LTS (which is 18 now). Happy to change it to 14 or keep it at 10 if there are no side-effects! |
|
Matrix for taskcluster suggests that the reason the PR fails tests is:
@tholu Perhaps this is an internal thing setup in your NPM setup that isn't externally accessible? |
|
Looks like I can't push to your PR but I pastebin'd a diff with just deleting package-lock.json and regenerating it, which produced this: https://paste.mozilla.org/VyeUu6vT I think just applying this should make things work? But my npm-fu is pretty weak, and I'm traveling so it's possible I'm missing some git/github options that would have made this easier. |
|
(Oh, and I have no idea why that removes the SRI bits and some license bits from package-lock - maybe because I used |
|
@gijsk That makes sense, the registry in my local config was not the official one, so I fixed that now. Unclear to me why it strips the license bits - my guess is that newer npm versions strip it by default. |
I have updated the dependencies to the latest available version and pinned them, which I believe to be a best practice in dependency management.