Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update yarn from version 1.22.21 to 3.4.1 and webpack-dev-server from 3.11.1 to 4.0.0 #895

Merged
merged 2 commits into from
Jan 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/workflows/ci-cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
scope: '@RaspberryPiFoundation'

- name: Install code
run: yarn install --frozen-lock-file
run: yarn install --immutable
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Expand All @@ -50,7 +50,7 @@ jobs:
scope: '@RaspberryPiFoundation'

- name: Install code
run: yarn install --frozen-lock-file
run: yarn install --immutable
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Expand Down Expand Up @@ -80,7 +80,7 @@ jobs:
scope: '@RaspberryPiFoundation'

- name: Install code
run: yarn install --frozen-lock-file
run: yarn install --immutable
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ jobs:
scope: '@RaspberryPiFoundation'

- name: Install code
run: yarn install --frozen-lock-file
run: yarn install --immutable
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Expand Down
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,7 @@ node_modules
npm-debug.log*
yarn-debug.log*
yarn-error.log*
.yarn/cache
.yarn/install-state.gz

.vscode/settings.json
873 changes: 873 additions & 0 deletions .yarn/releases/yarn-3.4.1.cjs

Large diffs are not rendered by default.

5 changes: 5 additions & 0 deletions .yarnrc.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
nodeLinker: node-modules

yarnPath: .yarn/releases/yarn-3.4.1.cjs

checksumBehavior: "update"
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

- Minor copy changes to HTML add file modal
- Toggle errors sent via apiCallHandler off (#890)
- Upgrade webpack-dev-server to 4.0.0 to support conditional headers
- Upgrade yarn to 3.4.1 to workaround a string-width issue

## [0.21.1] - 2024-01-11

Expand Down
123 changes: 53 additions & 70 deletions config/webpackDevServer.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,49 +14,11 @@ const sockHost = process.env.WDS_SOCKET_HOST;
const sockPath = process.env.WDS_SOCKET_PATH; // default: '/sockjs-node'
const sockPort = process.env.WDS_SOCKET_PORT;

module.exports = function (proxy, allowedHost) {
module.exports = function (proxy, _allowedHost) {
return {
// WebpackDevServer 2.4.3 introduced a security fix that prevents remote
// websites from potentially accessing local content through DNS rebinding:
// https://github.com/webpack/webpack-dev-server/issues/887
// https://medium.com/webpack/webpack-dev-server-middleware-security-issues-1489d950874a
// However, it made several existing use cases such as development in cloud
// environment or subdomains in development significantly more complicated:
// https://github.com/facebook/create-react-app/issues/2271
// https://github.com/facebook/create-react-app/issues/2233
// While we're investigating better solutions, for now we will take a
// compromise. Since our WDS configuration only serves files in the `public`
// folder we won't consider accessing them a vulnerability. However, if you
// use the `proxy` feature, it gets more dangerous because it can expose
// remote code execution vulnerabilities in backends like Django and Rails.
// So we will disable the host check normally, but enable it if you have
// specified the `proxy` setting. Finally, we let you override it if you
// really know what you're doing with a special environment variable.
disableHostCheck:
!proxy || process.env.DANGEROUSLY_DISABLE_HOST_CHECK === 'true',
allowedHosts: "all",
// Enable gzip compression of generated files.
compress: true,
// Silence WebpackDevServer's own logs since they're generally not useful.
// It will still show compile warnings and errors with this setting.
clientLogLevel: 'none',
// By default WebpackDevServer serves physical files from current directory
// in addition to all the virtual build products that it serves from memory.
// This is confusing because those files won’t automatically be available in
// production build folder unless we copy them. However, copying the whole
// project directory is dangerous because we may expose sensitive files.
// Instead, we establish a convention that only files in `public` directory
// get served. Our build script will copy `public` into the `build` folder.
// In `index.html`, you can get URL of `public` folder with %PUBLIC_URL%:
// <link rel="icon" href="%PUBLIC_URL%/favicon.ico">
// In JavaScript code, you can access it with `process.env.PUBLIC_URL`.
// Note that we only recommend to use `public` folder as an escape hatch
// for files like `favicon.ico`, `manifest.json`, and libraries that are
// for some reason broken when imported through webpack. If you just want to
// use an image, put it in `src` and `import` it from JavaScript instead.
contentBase: paths.appPublic,
contentBasePublicPath: paths.publicUrlOrPath,
// By default files from `contentBase` will not trigger a page reload.
watchContentBase: true,
// Enable hot reloading server. It will provide WDS_SOCKET_PATH endpoint
// for the WebpackDevServer client so it can learn when the files were
// updated. The WebpackDevServer client is included as an entry point
Expand All @@ -65,71 +27,92 @@ module.exports = function (proxy, allowedHost) {
hot: true,
// Use 'ws' instead of 'sockjs-node' on server since we're using native
// websockets in `webpackHotDevClient`.
transportMode: 'ws',
// Prevent a WS client from getting injected as we're already including
// `webpackHotDevClient`.
injectClient: false,
// Enable custom sockjs pathname for websocket connection to hot reloading server.
// Enable custom sockjs hostname, pathname and port for websocket connection
// to hot reloading server.
sockHost,
sockPath,
sockPort,
webSocketServer: 'ws',
// It is important to tell WebpackDevServer to use the same "publicPath" path as
// we specified in the webpack config. When homepage is '.', default to serving
// from the root.
// remove last slash so user can land on `/test` instead of `/test/`
publicPath: paths.publicUrlOrPath.slice(0, -1),
// WebpackDevServer is noisy by default so we emit custom message instead
// by listening to the compiler events with `compiler.hooks[...].tap` calls above.
quiet: true,
// Reportedly, this avoids CPU overload on some systems.
// https://github.com/facebook/create-react-app/issues/293
// src/node_modules is not ignored to support absolute imports
// https://github.com/facebook/create-react-app/issues/1065
watchOptions: {
ignored: ignoredFiles(paths.appSrc),
devMiddleware: {
publicPath: paths.publicUrlOrPath.slice(0, -1),
},
static: {
// By default WebpackDevServer serves physical files from current directory
// in addition to all the virtual build products that it serves from memory.
// This is confusing because those files won’t automatically be available in
// production build folder unless we copy them. However, copying the whole
// project directory is dangerous because we may expose sensitive files.
// Instead, we establish a convention that only files in `public` directory
// get served. Our build script will copy `public` into the `build` folder.
// In `index.html`, you can get URL of `public` folder with %PUBLIC_URL%:
// <link rel="icon" href="%PUBLIC_URL%/favicon.ico">
// In JavaScript code, you can access it with `process.env.PUBLIC_URL`.
// Note that we only recommend to use `public` folder as an escape hatch
// for files like `favicon.ico`, `manifest.json`, and libraries that are
// for some reason broken when imported through webpack. If you just want to
// use an image, put it in `src` and `import` it from JavaScript instead.
directory: paths.appPublic,
publicPath: paths.publicUrlOrPath,
// By default files from `directory` will not trigger a page reload.
// Reportedly, this avoids CPU overload on some systems.
// https://github.com/facebook/create-react-app/issues/293
// src/node_modules is not ignored to support absolute imports
// https://github.com/facebook/create-react-app/issues/1065
watch: {
ignored: ignoredFiles(paths.appSrc),
},
},
https: getHttpsConfig(),
host,
overlay: false,
historyApiFallback: {
// Paths with dots should still use the history fallback.
// See https://github.com/facebook/create-react-app/issues/387.
disableDotRule: true,
index: paths.publicUrlOrPath,
},
headers: {
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, PATCH, OPTIONS",
"Access-Control-Allow-Headers": "X-Requested-With, content-type, Authorization"
},
public: allowedHost,
client: {
// Silence WebpackDevServer's own logs since they're generally not useful.
// It will still show compile warnings and errors with this setting.
logging: 'none',
overlay: false,
webSocketURL: {
// Enable custom sockjs pathname for websocket connection to hot reloading server.
// Enable custom sockjs hostname, pathname and port for websocket connection
// to hot reloading server.
hostname: sockHost,
pathname: sockPath,
port: sockPort,
},
},
// `proxy` is run between `before` and `after` `webpack-dev-server` hooks
proxy,
before(app, server) {
onBeforeSetupMiddleware(devServer) {
// Keep `evalSourceMapMiddleware` and `errorOverlayMiddleware`
// middlewares before `redirectServedPath` otherwise will not have any effect
// This lets us fetch source contents from webpack for the error overlay
app.use(evalSourceMapMiddleware(server));
devServer.app.use(evalSourceMapMiddleware(devServer));
// This lets us open files from the runtime error overlay.
app.use(errorOverlayMiddleware());
devServer.app.use(errorOverlayMiddleware());

if (fs.existsSync(paths.proxySetup)) {
// This registers user provided middleware for proxy reasons
require(paths.proxySetup)(app);
require(paths.proxySetup)(devServer.app);
}
},
after(app) {
onAfterSetupMiddleware(devServer) {
// Redirect to `PUBLIC_URL` or `homepage` from `package.json` if url not match
app.use(redirectServedPath(paths.publicUrlOrPath));
devServer.app.use(redirectServedPath(paths.publicUrlOrPath));

// This service worker file is effectively a 'no-op' that will reset any
// previous service worker registered for the same host:port combination.
// We do this in development to avoid hitting the production cache if
// it used the same host and port.
// https://github.com/facebook/create-react-app/issues/2272#issuecomment-302832432
app.use(noopServiceWorkerMiddleware(paths.publicUrlOrPath));
devServer.app.use(noopServiceWorkerMiddleware(paths.publicUrlOrPath));
},
};
};
7 changes: 4 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@
"scripts": {
"start": "node scripts/start.js",
"build": "node scripts/build.js",
"build:dev": "yarn install --force && yarn run build-storybook && node scripts/build.js",
"build:dev": "yarn install --check-cache && yarn run build-storybook && node scripts/build.js",
"build-storybook": "cd ./storybook && yarn install && yarn run build-storybook -- -o ../public/storybook --loglevel warn",
"lint": "eslint \"src/**/*.{js,jsx,json}\"",
"lint:fix": "eslint --fix \"src/**/*.{js,jsx,json}\"",
Expand Down Expand Up @@ -186,7 +186,7 @@
"webgl-mock-threejs": "^0.0.1",
"webpack": "4.44.2",
"webpack-cli": "^4.9.2",
"webpack-dev-server": "3.11.1",
"webpack-dev-server": "4.0.0",
"webpack-manifest-plugin": "2.2.0",
"workbox-webpack-plugin": "5.1.4"
},
Expand Down Expand Up @@ -246,5 +246,6 @@
"jest-watch-typeahead/testname"
],
"resetMocks": true
}
},
"packageManager": "[email protected]"
}
10 changes: 5 additions & 5 deletions storybook/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,16 +11,16 @@
"@storybook/addon-actions": "6.5.10",
"@storybook/addon-essentials": "6.5.10",
"@storybook/addon-interactions": "6.5.10",
"@storybook/builder-webpack4": "6.5.10",
"@storybook/manager-webpack4": "6.5.10",
"@storybook/mdx2-csf": "0.0.3",
"@storybook/preset-scss": "^1.0.3",
"@storybook/react": "6.5.10",
"@storybook/blocks": "^7.5.3",
"@storybook/builder-webpack4": "6.5.10",
"@storybook/channels": "^7.5.3",
"@storybook/components": "^7.5.3",
"@storybook/core-events": "^7.5.3",
"@storybook/manager-webpack4": "6.5.10",
"@storybook/mdx2-csf": "0.0.3",
"@storybook/preset-scss": "^1.0.3",
"@storybook/preview-api": "^7.5.3",
"@storybook/react": "6.5.10",
"@storybook/theming": "^7.5.3",
"css-loader": "^5.2.6",
"i18next": "^23.7.6",
Expand Down
Loading
Loading