fix(deps): update wordpress monorepo

[renovate]

Closes #39508 (merged).

This PR contains the following updates:

Package	Type	Update	Change
@wordpress/api-fetch	dependencies	minor	3.9.0 -> 3.11.0
@wordpress/babel-plugin-import-jsx-pragma	dependencies	minor	2.4.0 -> 2.5.0
@wordpress/babel-plugin-makepot	devDependencies	minor	3.3.0 -> 3.4.0
@wordpress/base-styles	dependencies	minor	1.2.0 -> 1.4.0
@wordpress/block-editor	dependencies	minor	3.5.0 -> 3.7.1
@wordpress/block-library	dependencies	minor	2.12.0 -> 2.14.1
@wordpress/blocks	dependencies	minor	6.10.0 -> 6.12.0
@wordpress/components	dependencies	minor	9.0.0 -> 9.2.1
@wordpress/compose	dependencies	minor	3.10.0 -> 3.11.0
@wordpress/core-data	dependencies	minor	2.10.0 -> 2.12.0
@wordpress/data	dependencies	minor	4.12.0 -> 4.14.0
@wordpress/data-controls	dependencies	minor	1.6.0 -> 1.8.0
@wordpress/dependency-extraction-webpack-plugin	dependencies	minor	2.1.0 -> 2.2.0
@wordpress/dependency-extraction-webpack-plugin	devDependencies	minor	2.1.0 -> 2.2.0
@wordpress/dom	dependencies	minor	2.7.0 -> 2.8.0
@wordpress/edit-post	dependencies	minor	3.11.0 -> 3.13.1
@wordpress/editor	dependencies	minor	9.10.0 -> 9.12.1
@wordpress/element	dependencies	minor	2.10.0 -> 2.11.0
@wordpress/format-library	dependencies	minor	1.12.0 -> 1.14.1
@wordpress/i18n	dependencies	minor	3.8.0 -> 3.9.0
@wordpress/is-shallow-equal	dependencies	minor	1.7.0 -> 1.8.0
@wordpress/jest-preset-default	devDependencies	minor	5.3.1 -> 5.4.0
@wordpress/keycodes	dependencies	minor	2.8.0 -> 2.9.0
@wordpress/notices	dependencies	major	1.11.0 -> 2.0.0
@wordpress/npm-package-json-lint-config	devDependencies	minor	2.1.0 -> 2.2.0
@wordpress/nux	dependencies	minor	3.10.0 -> 3.12.1
@wordpress/plugins	dependencies	minor	2.10.0 -> 2.12.0
@wordpress/redux-routine	dependencies	minor	3.6.2 -> 3.7.0
@wordpress/rich-text	dependencies	minor	3.10.0 -> 3.12.0
@wordpress/scripts	devDependencies	major	6.2.0 -> 7.1.0
@wordpress/server-side-render	dependencies	minor	1.6.0 -> 1.8.1
@wordpress/shortcode	dependencies	minor	2.5.0 -> 2.6.0
@wordpress/url	dependencies	minor	2.9.0 -> 2.11.0
@wordpress/viewport	dependencies	minor	2.11.0 -> 2.13.0

---

Release Notes

WordPress/gutenberg

v3.11.0

Compare Source

v3.10.0

Compare Source

---

Renovate configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or if you tick the rebase/retry checkbox below.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

[matticbot]

Test live: https://calypso.live/?branch=renovate/wordpress-monorepo

[yansern]

Doing select( USER_STORE ) is returning null, this file is breaking /gutenboarding/components/header/index.tsx.

[ockham]

Doing select( USER_STORE ) is returning null, this file is breaking /gutenboarding/components/header/index.tsx.

Sounds like this issue again 🙁 (tl;dr Multiple versions of @wordpress/data in the module tree.)

[ockham]

Was also present on this PR's predecessor: #39243 (comment)

[simison]

BTW "Reviewers" automation worked only for team Luna?

Edit: ohh blind me, Jon already requested a review from "Create" so I just double -pinged everyone. 🤦‍♂

[sirreal]

This is broken but we know what the fix is. Please don't rush to review it 🙂

#39368 is intended to ensure these PRs don't fail in the future.

[sirreal]

#39368 is landed. If we land #39420 we'll be able to rebase this and could land it without manually curating the package-lock 🙏 🙏 🙏

[sirreal]

#39368 is landed. If we land #39420 we'll be able to rebase this and could land it without manually curating the package-lock 🙏 🙏 🙏

I've landed #39420, this should be viable now.

[noahtallen]

Hm, considering that the test-full-site-editing check fails with this:

FAIL full-site-editing-plugin/starter-page-templates/page-template-modal/components/test/template-selector-preview.test.js
  ● Test suite failed to run
    Cannot find module '@wordpress/components' from 'template-selector-preview.js'
    However, Jest was able to find:
    	'../template-selector-preview.js'
    You might want to include a file extension in your import, or update your 'moduleFileExtensions', which is currently ['js', 'json', 'jsx', 'ts', 'tsx', 'node'].
    See https://jestjs.io/docs/en/configuration#modulefileextensions-array-string
      12 | /* eslint-disable import/no-extraneous-dependencies */
      13 | import { __ } from '@wordpress/i18n';
    > 14 | import { Disabled } from '@wordpress/components';
         | ^
      15 | import {
      16 | 	useState,
      17 | 	useEffect,
      at Resolver.resolveModule (node_modules/jest-resolve/build/index.js:259:17)
      at Object.<anonymous> (apps/full-site-editing/full-site-editing-plugin/starter-page-templates/page-template-modal/components/template-selector-preview.js:14:1)

I'm guessing we'll need to fix something. I'll look into it :)

[noahtallen]

Verified that the bug does not happen on master, but does happen on this branch with npm ci. Can test by running npx lerna run test:js --scope='@automattic/full-site-editing' --stream --no-prefix in wp-calypso root

[noahtallen]

I think I found the issue. On this branch, after npm ci, @wordpress/components does not exist in the root node_modules. (Which explains why the test errors indicate that it cannot find @wordpress/components.)

I will note that build-full-site-editing does still complete successfully because it is using the dependency extraction plugin, so it never tries to import from node_modules.

~/source/wp-calypso(renovate/wordpress-monorepo) » ls node_modules/@wordpress/components
ls: node_modules/@wordpress/components: No such file or directory

# I don't understand why npm ls shows the same thing in both cases.
~/source/wp-calypso(renovate/wordpress-monorepo) » npm ls @wordpress/components                                                                                                                                                                        noah.allen@Noahs-MacBook-Pro
wp-calypso-monorepo@0.17.0 /Users/noah.allen/source/wp-calypso
└─┬ wp-calypso@0.17.0 -> /Users/noah.allen/source/wp-calypso/client
  ├─┬ @wordpress/block-editor@3.7.0
  │ └── @wordpress/components@9.2.0  deduped
  ├─┬ @wordpress/block-library@2.14.0
  │ └── @wordpress/components@9.2.0  deduped
  ├── @wordpress/components@9.2.0 
  ├─┬ @wordpress/edit-post@3.13.0
  │ └── @wordpress/components@9.2.0  deduped
  ├─┬ @wordpress/editor@9.12.0
  │ ├─┬ @wordpress/block-directory@1.5.0
  │ │ └── @wordpress/components@9.2.0  deduped
  │ └── @wordpress/components@9.2.0  deduped
  ├─┬ @wordpress/format-library@1.14.0
  │ └── @wordpress/components@9.2.0  deduped
  ├─┬ @wordpress/nux@3.12.0
  │ └── @wordpress/components@9.2.0  deduped
  └─┬ @wordpress/server-side-render@1.8.0
    └── @wordpress/components@9.2.0  deduped

On master, after npm ci, it is installed:

~/source/wp-calypso(master) » ls node_modules/@wordpress/components
CHANGELOG.md    CONTRIBUTING.md LICENSE.md      README.md       build           build-module    build-style     node_modules    package.json    src

# Interestingly, this is the same structure as above.
~/source/wp-calypso(master) » npm ls @wordpress/components                                                                                                                                                                                             noah.allen@Noahs-MacBook-Pro
wp-calypso-monorepo@0.17.0 /Users/noah.allen/source/wp-calypso
└─┬ wp-calypso@0.17.0 -> /Users/noah.allen/source/wp-calypso/client
  ├─┬ @wordpress/block-editor@3.5.0
  │ └── @wordpress/components@9.0.0  deduped
  ├─┬ @wordpress/block-library@2.12.0
  │ └── @wordpress/components@9.0.0  deduped
  ├── @wordpress/components@9.0.0 
  ├─┬ @wordpress/edit-post@3.11.0
  │ └── @wordpress/components@9.0.0  deduped
  ├─┬ @wordpress/editor@9.10.0
  │ ├─┬ @wordpress/block-directory@1.3.0
  │ │ └── @wordpress/components@9.0.0  deduped
  │ └── @wordpress/components@9.0.0  deduped
  ├─┬ @wordpress/format-library@1.12.0
  │ └── @wordpress/components@9.0.0  deduped
  ├─┬ @wordpress/nux@3.10.0
  │ └── @wordpress/components@9.0.0  deduped
  └─┬ @wordpress/server-side-render@1.6.0
    └── @wordpress/components@9.0.0  deduped

I'm not really familiar with the wp dependency changes you were working on @sirreal. Do you think it would be fixed by adding it as a peer dependency? I was not able to fix this error by adding @wordpress/components to the FSE app package.json. I am able to fix this issue by adding @wordpress/components as a normal dependency in the root package.json. (But that does not appear to be our approach for other wp dependencies :))

[matticbot]

Here is how your PR affects size of JS and CSS bundles shipped to the user's browser:

Webpack Runtime (~92 bytes removed 📉 [gzipped])

name      parsed_size           gzip_size
manifest       -875 B  (-0.5%)      -92 B  (-0.3%)

Webpack runtime for loading modules. It is included in the HTML page as an inline script. Is downloaded and parsed every time the app is loaded.

App Entrypoints (~26453 bytes added 📈 [gzipped])

name                   parsed_size            gzip_size
entry-gutenboarding      -304366 B  (-11.7%)   -88306 B  (-13.0%)
entry-domains-landing    +270209 B  (+71.7%)   +73906 B  (+73.7%)
entry-login              +130191 B  (+14.6%)   +34712 B  (+14.6%)
entry-main                +18577 B   (+1.2%)    +3090 B   (+0.8%)
entry-jetpack-cloud       +18577 B   (+1.3%)    +3051 B   (+0.8%)

Common code that is always downloaded and parsed every time the app is loaded, no matter which route is used.

Sections (~529817 bytes removed 📉 [gzipped])

name                   parsed_size             gzip_size
preview                  -662442 B   (-86.1%)  -165402 B   (-84.3%)
post-editor              +550941 B   (+41.6%)  +175910 B   (+51.6%)
gutenberg-editor         -548454 B   (-39.4%)  -135212 B   (-37.4%)
settings-writing         -522972 B   (-54.1%)  -171850 B   (-60.3%)
checkout                 -509868 B   (-27.6%)  -122862 B   (-27.2%)
woocommerce              +504500 B   (+32.7%)  +164244 B   (+43.2%)
people                   -206190 B   (-36.2%)   -47638 B   (-33.8%)
marketing                -206179 B   (-32.4%)   -48006 B   (-30.8%)
privacy                  -112883 B   (-33.8%)   -25973 B   (-30.5%)
site-blocks              -111861 B   (-29.5%)   -27687 B   (-28.1%)
stats                    -110770 B   (-12.2%)   -26321 B   (-11.7%)
import                   +100332 B   (+85.9%)   +25749 B   (+79.7%)
settings                  -95004 B   (-15.2%)   -24101 B   (-14.8%)
settings-discussion       -85160 B   (-32.1%)   -21192 B   (-30.7%)
reader                    -83648 B   (-16.4%)   -21182 B   (-16.0%)
devdocs                   +82506 B  (+123.1%)   +22120 B  (+121.5%)
jetpack-connect           -77931 B   (-12.2%)   -19873 B   (-11.7%)
security                  +75427 B   (+22.7%)   +15062 B   (+16.5%)
plugins                   -75044 B   (-13.2%)   -18264 B   (-12.5%)
activity                  -68696 B   (-12.7%)   -16108 B   (-11.8%)
wp-super-cache            +65595 B   (+39.3%)   +13299 B   (+28.1%)
pages                     -46406 B   (-15.0%)   -15474 B   (-17.7%)
settings-performance      +42457 B   (+24.1%)   +11291 B   (+23.2%)
home                      -41814 B   (-12.2%)   -10203 B   (-11.2%)
google-my-business        -41806 B   (-13.3%)   -10186 B   (-11.7%)
notification-settings     +40651 B   (+15.5%)    +7898 B   (+11.5%)
comments                  -28257 B    (-5.1%)    -5783 B    (-4.5%)
hosting                   -21115 B    (-7.5%)    -5261 B    (-6.8%)
themes                    -21023 B    (-5.7%)    -5229 B    (-5.3%)
posts                     -20419 B    (-6.5%)    -5105 B    (-6.2%)
me                        -19336 B    (-8.2%)    -2973 B    (-4.9%)
domains                   +18051 B    (+2.1%)     -160 B    (-0.1%)
media                     -17476 B    (-4.5%)    -5222 B    (-4.9%)
happychat                 -13291 B    (-5.2%)    -3465 B    (-5.0%)
zoninator                  -9865 B    (-3.4%)    -3945 B    (-4.9%)
mailing-lists              -8713 B   (-57.1%)    -2735 B   (-59.4%)
hello-dolly                +8507 B    (+8.4%)    +3032 B   (+10.6%)
sensei                     -1322 B    (-1.2%)     -748 B    (-2.4%)
posts-custom                +284 B    (+0.1%)      +33 B    (+0.0%)
theme                       +276 B    (+0.1%)      +19 B    (+0.0%)
settings-security           +276 B    (+0.1%)      +18 B    (+0.0%)
export                      +259 B    (+0.1%)       +8 B    (+0.0%)
customize                   +242 B    (+0.1%)       +0 B
checklist                   +242 B    (+0.1%)       -1 B    (-0.0%)
plans                       +224 B    (+0.1%)      -34 B    (-0.0%)
email                       +224 B    (+0.1%)      -34 B    (-0.0%)
earn                        +155 B    (+0.1%)      +25 B    (+0.0%)
account                     +150 B    (+0.1%)      +12 B    (+0.0%)
sites                       +138 B    (+0.1%)      +15 B    (+0.1%)
migrate                     +138 B    (+0.1%)      +11 B    (+0.0%)
feature-upsell              +138 B    (+0.1%)      +14 B    (+0.0%)
concierge                   +138 B    (+0.0%)      +16 B    (+0.0%)
accept-invite               +138 B    (+0.1%)       -4 B    (-0.0%)
purchases                   +134 B    (+0.0%)     -347 B    (-0.1%)
help                        +121 B    (+0.0%)       +1 B    (+0.0%)
account-close               +121 B    (+0.0%)       +0 B
signup                      +104 B    (+0.1%)      -14 B    (-0.0%)

Sections contain code specific for a given set of routes. Is downloaded and parsed only when a particular route is navigated to.

Async-loaded Components (~448892 bytes added 📈 [gzipped])

name                                                      parsed_size            gzip_size
async-load-design                                           +637820 B  (+55.6%)  +152131 B  (+58.7%)
async-load-design-playground                                +637679 B  (+59.7%)  +152120 B  (+63.7%)
async-load-design-blocks                                    +636910 B  (+30.1%)  +150193 B  (+30.4%)
async-load-lib-preferences-helper                            -61273 B  (-78.4%)   -12957 B  (-72.3%)
async-load-components-web-preview-component                  +20951 B   (+5.8%)    +4646 B   (+5.0%)
async-load-reader-search-stream                              +18444 B  (+28.3%)    +3343 B  (+18.0%)
async-load-reader-following-manage                             -817 B   (-0.7%)     -540 B   (-1.8%)
async-load-apps-notifications-index-jsx                        +271 B   (+0.2%)       -6 B   (-0.0%)
async-load-my-sites-site-settings-seo-settings-form            +230 B   (+0.1%)       +8 B   (+0.0%)
async-load-blocks-support-article-dialog-dialog                +152 B   (+0.2%)      +32 B   (+0.1%)
async-load-signup-steps-plans-atomic-store                     +139 B   (+0.1%)      +18 B   (+0.1%)
async-load-signup-steps-plans                                  +139 B   (+0.1%)      +13 B   (+0.0%)
async-load-my-sites-current-site-stale-cart-items-notice       +104 B   (+0.3%)       -7 B   (-0.1%)
async-load-blocks-inline-help-popover                          +104 B   (+0.0%)       -6 B   (-0.0%)
async-load-post-editor-media-modal                              +66 B   (+0.0%)     -179 B   (-0.2%)
async-load-reader-list-stream                                   +34 B   (+0.3%)      +10 B   (+0.3%)
async-load-signup-steps-domains                                 +17 B   (+0.0%)      +11 B   (+0.0%)
async-load-reader-tag-stream-main                               +17 B   (+0.1%)       +9 B   (+0.2%)
async-load-reader-sidebar                                       +17 B   (+0.0%)      +11 B   (+0.1%)
async-load-my-sites-current-site-notice                         +17 B   (+0.0%)       +9 B   (+0.1%)
async-load-blocks-reader-full-post                              +17 B   (+0.0%)      +11 B   (+0.1%)
async-load-blocks-jitm-templates-sidebar-banner                 +17 B   (+0.1%)      +11 B   (+0.2%)
async-load-blocks-jitm-templates-default                        +17 B   (+0.1%)      +11 B   (+0.2%)

React components that are loaded lazily, when a certain part of UI is displayed for the first time.

Moment.js Locales (~11478 bytes added 📈 [gzipped])

name                    parsed_size              gzip_size
moment-locale-af           +42107 B  (+3161.2%)   +10762 B  (+1478.3%)
moment-locale-az           +16302 B   (+927.3%)    +4888 B   (+534.8%)
moment-locale-en-au        -11339 B    (-82.0%)    -3678 B    (-75.1%)
moment-locale-ru            -3231 B    (-71.1%)     -904 B    (-56.3%)
moment-locale-se            +3191 B   (+235.3%)     +851 B   (+112.7%)
moment-locale-my            +2074 B   (+152.2%)     +556 B    (+77.3%)
moment-locale-mr            -2074 B    (-60.3%)     -556 B    (-43.6%)
moment-locale-uk            -2053 B    (-63.3%)     -869 B    (-60.6%)
moment-locale-te            +1865 B   (+160.6%)     +533 B    (+84.3%)
moment-locale-ta            -1744 B    (-57.6%)     -466 B    (-40.0%)
moment-locale-br            +1702 B   (+109.9%)     +237 B    (+28.3%)
moment-locale-be            -1514 B    (-51.3%)     -610 B    (-47.3%)
moment-locale-ka            -1444 B    (-52.4%)     -274 B    (-27.5%)
moment-locale-nn            +1391 B   (+117.3%)     +467 B    (+72.9%)
moment-locale-ne            -1352 B    (-52.5%)     -463 B    (-41.8%)
moment-locale-kk            +1341 B    (+94.8%)     +257 B    (+34.8%)
moment-locale-ar            -1331 B    (-50.0%)     -458 B    (-38.6%)
moment-locale-bn            -1227 B    (-49.6%)     -416 B    (-39.6%)
moment-locale-bg            +1219 B    (+70.5%)     +375 B    (+41.0%)
moment-locale-ar-dz         +1212 B    (+83.5%)     +500 B    (+72.9%)
moment-locale-cv            +1189 B    (+70.2%)     +357 B    (+43.9%)
moment-locale-tet           -1126 B    (-49.2%)     -327 B    (-34.1%)
moment-locale-ar-ma         +1074 B    (+75.0%)     +429 B    (+62.9%)
moment-locale-ar-ly         -1074 B    (-42.9%)     -430 B    (-38.7%)
moment-locale-tl-ph         +1069 B    (+87.8%)     +302 B    (+46.0%)
moment-locale-cs            -1059 B    (-36.7%)     -313 B    (-26.8%)
moment-locale-ss             +999 B    (+65.8%)     +286 B    (+35.5%)
moment-locale-es             -936 B    (-42.7%)     -253 B    (-26.9%)
moment-locale-uz             +935 B    (+65.3%)     +310 B    (+43.7%)
moment-locale-ml             -927 B    (-38.5%)     -210 B    (-21.9%)
moment-locale-tlh            -925 B    (-43.2%)     -234 B    (-26.3%)
moment-locale-el             -910 B    (-36.6%)     -402 B    (-33.0%)
moment-locale-km             -907 B    (-39.1%)     -272 B    (-26.9%)
moment-locale-ur             +876 B    (+37.0%)     +415 B    (+40.7%)
moment-locale-es-do          -870 B    (-39.4%)     -212 B    (-22.4%)
moment-locale-sr             +858 B    (+66.4%)     +230 B    (+32.7%)
moment-locale-ro             +842 B    (+68.7%)     +282 B    (+39.6%)
moment-locale-mi             +842 B    (+57.0%)     +353 B    (+47.1%)
moment-locale-ko             +839 B    (+56.6%)     +277 B    (+37.8%)
moment-locale-it-ch          -834 B    (-39.0%)     -248 B    (-25.7%)
moment-locale-fo             +833 B    (+69.1%)     +280 B    (+42.4%)
moment-locale-eu             +832 B    (+60.4%)     +253 B    (+36.6%)
moment-locale-ms-my          +813 B    (+59.3%)     +248 B    (+34.3%)
moment-locale-nl-be          -807 B    (-40.5%)     -296 B    (-31.6%)
moment-locale-bo             -777 B    (-23.9%)      -23 B     (-2.1%)
moment-locale-pt-br          -760 B    (-36.8%)     -292 B    (-29.3%)
moment-locale-sr-cyrl        -735 B    (-36.3%)     -249 B    (-26.2%)
moment-locale-sk             -733 B    (-35.6%)     -155 B    (-18.0%)
moment-locale-et             +711 B    (+47.5%)     +178 B    (+23.2%)
moment-locale-pt             +695 B    (+53.2%)     +237 B    (+33.7%)
moment-locale-id             +668 B    (+49.5%)     +214 B    (+29.8%)
moment-locale-tzl            +656 B    (+44.1%)      +92 B    (+11.5%)
moment-locale-mn             +655 B    (+37.4%)      +49 B     (+5.4%)
moment-locale-tzm-latn       +632 B    (+53.2%)      +87 B    (+15.4%)
moment-locale-fi             -605 B    (-30.5%)     -202 B    (-22.6%)
moment-locale-fr             +594 B    (+42.8%)     +167 B    (+23.0%)
moment-locale-gom-latn       -590 B    (-30.0%)     -207 B    (-21.5%)
moment-locale-fa             -540 B    (-26.5%)     -172 B    (-18.3%)
moment-locale-he             -538 B    (-21.5%)     -127 B    (-11.7%)
moment-locale-ar-sa          -500 B    (-25.9%)     -239 B    (-26.0%)
moment-locale-ar-tn          +497 B    (+34.6%)     +241 B    (+35.4%)
moment-locale-sw             -491 B    (-19.5%)     -139 B    (-12.7%)
moment-locale-bm             +484 B    (+38.8%)     +280 B    (+44.1%)
moment-locale-pa-in          -468 B    (-19.0%)      -85 B     (-8.3%)
moment-locale-pl             +459 B    (+22.9%)      +82 B     (+8.7%)
moment-locale-ms             -435 B    (-19.9%)      -60 B     (-6.2%)
moment-locale-hr             +431 B    (+22.2%)     +198 B    (+22.5%)
moment-locale-bs             -427 B    (-21.6%)      -40 B     (-4.6%)
moment-locale-me             -425 B    (-18.3%)     -253 B    (-23.0%)
moment-locale-sl             -402 B    (-16.3%)     -130 B    (-13.1%)
moment-locale-ja             +392 B    (+25.6%)     +126 B    (+16.3%)
moment-locale-x-pseudo       +375 B    (+32.4%)     +172 B    (+28.7%)
moment-locale-vi             -375 B    (-24.5%)     -172 B    (-22.3%)
moment-locale-zh-hk          -350 B    (-20.0%)     -203 B    (-22.4%)
moment-locale-tzm            -334 B    (-18.3%)     +146 B    (+22.4%)
moment-locale-lo             -318 B    (-15.2%)      -84 B     (-8.6%)
moment-locale-sq             +312 B    (+14.5%)      +60 B     (+6.4%)
moment-locale-de-at          -306 B    (-20.8%)     -127 B    (-16.7%)
moment-locale-de             +298 B    (+20.4%)     +161 B    (+21.4%)
moment-locale-ky             -290 B    (-16.4%)     -159 B    (-17.8%)
moment-locale-lb             +279 B    (+15.4%)      +34 B     (+3.6%)
moment-locale-cy             +274 B    (+19.3%)      +52 B     (+6.8%)
moment-locale-da             +254 B    (+21.8%)     +128 B    (+20.2%)
moment-locale-sv             +237 B    (+18.5%)     +106 B    (+15.2%)
moment-locale-lt             -232 B    (-11.4%)     +130 B    (+16.0%)
moment-locale-jv             +221 B    (+16.8%)      +50 B     (+6.9%)
moment-locale-is             +212 B    (+11.0%)      +69 B     (+7.7%)
moment-locale-en-SG          +210 B    (+16.8%)      +57 B     (+8.3%)
moment-locale-mt             +197 B    (+16.8%)      +43 B     (+6.3%)
moment-locale-ca             +152 B     (+8.3%)      +20 B     (+2.3%)
moment-locale-lv             +149 B     (+7.9%)      -37 B     (-4.4%)
moment-locale-fr-ca          -149 B    (-11.0%)      -53 B     (-7.4%)
moment-locale-hi             +134 B     (+5.7%)      +12 B     (+1.1%)
moment-locale-fy             +132 B    (+10.5%)      +41 B     (+6.0%)
moment-locale-eo             -122 B     (-9.1%)      -67 B     (-9.1%)
moment-locale-dv             -103 B     (-6.5%)      -58 B     (-7.1%)
moment-locale-sd              -91 B     (-6.9%)      +11 B     (+1.6%)
moment-locale-hu              -78 B     (-3.9%)      -53 B     (-5.7%)
moment-locale-uz-latn         +74 B     (+5.5%)      -21 B     (-2.9%)
moment-locale-nb              -50 B     (-4.1%)      +34 B     (+5.3%)
moment-locale-it              +47 B     (+3.6%)       +0 B
moment-locale-yo              -45 B     (-3.2%)      +26 B     (+3.7%)
moment-locale-ga              -38 B     (-2.7%)      -45 B     (-5.9%)
moment-locale-en-il           +35 B     (+2.9%)      +19 B     (+2.8%)
moment-locale-gd              +34 B     (+2.5%)      +14 B     (+1.9%)
moment-locale-si              +29 B     (+2.2%)      +47 B     (+6.6%)
moment-locale-fr-ch           -19 B     (-1.4%)      -11 B     (-1.5%)
moment-locale-ar-kw           +19 B     (+1.3%)       +5 B     (+0.7%)
moment-locale-es-us           -17 B     (-0.8%)       -5 B     (-0.5%)
moment-locale-en-ca           +12 B     (+1.0%)      +12 B     (+1.8%)
moment-locale-en-ie           -11 B     (-0.9%)      -11 B     (-1.6%)

Locale data for moment.js. Unless you are upgrading the moment.js library, changes in these chunks are suspicious.

Legend

What is parsed and gzip size?

Parsed Size: Uncompressed size of the JS and CSS files. This much code needs to be parsed and stored in memory.
Gzip Size: Compressed size of the JS and CSS files. This much data needs to be downloaded over network.

Generated by performance advisor bot at iscalypsofastyet.com.

[sirreal]

I'm not really familiar with the wp dependency changes you were working on @sirreal. Do you think it would be fixed by adding it as a peer dependency?

This is interesting. @wordpress/components is used in FSE, but it's an externalized module in the bundled application? Then it's missing when it's imported for testing.

I would expect the module to deduplicate to the root, but this does highlight the fragility.

Let's not use a peer dependency for this, that's not a good fit for app dependencies.

You could argue that this is a development dependency on @wordpress/components in @automattic/full-site-editing. However, development dependencies are only for the root, so we'd create a root development dependency (and dev/non-dev dependency distinction in the root looses meaning). A root dev dependency on @wordpress/components seems odd.

Instead, I'd say that @automattic/full-site-editing should declare the externalized dependencies it depends on.

What do you think?

I was not able to fix this error by adding @wordpress/components to the FSE app package.json. I am able to fix this issue by adding @wordpress/components as a normal dependency in the root package.json. (But that does not appear to be our approach for other wp dependencies :))

This is pretty concerning… did you npm install? Repeatedly? cc: @blowery

[jsnajdr]

Apps and packages should be able to install their own versions. Duplication between apps isn't an issue, duplication within a single app is.

@sirreal As you found out, this is not true and my earlier answer was wrong.

A duplicate version of @wordpress/data gets installed into packages/data-stores/node_modules and because of symlinks, that directory is also accessible as client/node_modules/@automattic/data-stores/node_modules. Therefore, there are two versions of the package under client/, if you follow symlinks.

[sirreal]

Rebased, added webpack alias to client, more installing, updating and deduping of dependencies.

[jsnajdr]

@wordpress/data continues to duplicate as a transitive dependency as @jsnajdr foresaw.

Maybe there is a solution: in root package.json, change the order of dependencies so that ./client is first and ./packages/data-stores second.

Then the pinned dependencies inside ./client will be installed first and all the other packages and apps will be installing on top of them.

We have a convention to sort the dependencies alphabetically, but I'm not sure where this is coming from. Internally, NPM iterates through Object.keys( package.dependencies ) without sorting them. Maybe NPM sorts the dependencies when writing an updated package.json after npm install of a new module?

Other than this, I don't think that NPM gives us any options how to ensure the tree is always installed the way we want it, without duplicates.

[sirreal]

@jsnajdr How do you feel about the webpack alias as a solution here? I'm tempted to add another for @wordpress/i18n and @wordpress/api-fetch. These (and others) will be broken and unpredictable it they don't come from a single module 😩

[noahtallen]

Holy cow this seems like a nightmare. Will yarn solve these problems?

#39508 looks good to me if it helps to get it in for this branch.

[jsnajdr]

How do you feel about the webpack alias as a solution here?

It's an ugly band-aid but yes, it solves the issue and we already use a webpack alias for deduping debug.

[sirreal]

This is working well in my testing in gutenboarding. I'd like to move ahead with it.

Addressed

[noahtallen]

Seems to be fine from the FSE side of things :)

[sirreal]

Maybe there is a solution: in root package.json, change the order of dependencies so that ./client is first and ./packages/data-stores second.

Then the pinned dependencies inside ./client will be installed first and all the other packages and apps will be installing on top of them.

[…] Maybe NPM sorts the dependencies when writing an updated package.json after npm install of a new module?

This is a good idea, but seems like another fragile solution. I do believe npm will sort the dependencies on any subsequent install, and relying on this sort of undocumented implementation detail seems risky.

[jsnajdr]

This is a good idea, but seems like another fragile solution.

Here's another solution: declare the pinned dependencies in the root package.json. I think that will work, and I believe it's not a hack, but a correct solution even from the "philosophical" angle 🙂

When pinning a dependency, we want to pin it for the whole monorepo, i.e., for the whole wp-calypso/node_modules tree. Pinning it in individual packages, even apps like client/, doesn't really make sense and is unreliable. Individual packages' dependencies should be loose, declared with ^.

If the root package.json declares a dependency, it's not because it uses it (the root package is empty, it doesn't really use anything), but because it wants to pin it to a certain version for the whole node_modules tree.

If an individual package declares a dependency, it's because it wants to use it. And the individual package almost never really needs a specific version. Declaring the expected API version (i.e., what ^x.y.z does) is always enough.

That applies to dependencies, but devDependencies are similar -- only they are all already collapsed (hoisted) into the root package.json.

Renovate's job is then a bit simpler: it will always change versions in root package.json, and the package.json files in subfolders need to be updated only when the ^ specifier no longer matches (i.e., on major updates)

Does that make sense? @blowery @sirreal @sgomes

[sgomes]

I don't have any objection to pinning on the root, and agree that it's probably the best option both from a practical and philosophical point of view. The root isn't a real project, but rather an aggregator, and as such its job is to make sure everything works together 👍

[sirreal]

That seems like a solution worth trying. Do these sound like the criteria for moving to root dependency:

• client or apps/* dependency
• should only have a single instance
  • react
  • ?? react-dom
  • @wordpress/i18n
  • @wordpress/data
  • @wordpress/api-fetch

[jsnajdr]

Do these sound like the criteria for moving to root dependency:

I think the criteria are even broader: every dependency that's pinned and managed by Renovate should be declared in root. Otherwise, pinning is not reliable.

Even when the package is side-effect-free and innocent, like, say left-pad, we still want controlled updates and having just a single instance bundled.

If packages/data-stores requires left-pad@^1.2.3, the client/ requires (pinned) left-pad@1.2.3, and the latest version is left-pad@1.9.9, then NPM:

• installs packages/data-stores subtree first and puts left-pad@1.9.9 into root node_modules
• installs client/ subtree second and puts left-pad@1.2.3 into client/node_modules. The root slot is already occupied by an incompatible version.

Then the Calypso bundle ships two versions of left-pad, and the upgrade to 1.9.9 sneaks in without being vetted in a Renovate PR.