-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(854): switch frontend package manager from yarn to npm #1538
Conversation
a5f2954
to
ad9ad26
Compare
ad9ad26
to
581a6bf
Compare
Codecov Report
@@ Coverage Diff @@
## raft-tdp-main #1538 +/- ##
==============================================
Coverage 97.58% 97.58%
==============================================
Files 80 80
Lines 1901 1901
Branches 249 249
==============================================
Hits 1855 1855
Misses 22 22
Partials 24 24
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report at Codecov.
|
@ADPennington what is the QASP review status of this? This PR is blocking #1506 #1511 #1551 #1460 |
f269355
to
c0d2c68
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks @jorgegonzalez 🚀
Some notes:
During the tabletop for this PR, we discussed the new "security vulnerabilities" that are being reported from npm audit
(by way of npm ci
) as part of the frontend build.
npm audit
results can be unreliable (ref), and it is unclear why running this report locally yields inconsistent results. So, we decided that these results should be suppressed, since we rely on Dependabot for dependency management and, this tool is sourced by the same dB (ref). So we should get the same information (if it is valid) via the Security tab of this repo. This suppression is accounted for with the merge of this PR. cc: @abottoms-coder @lfrohlich
Good point on the GitHub Advisories db being the same as the npm audit one 👍 |
Summary of Changes
Provide a brief summary of changes
Pull request closes #854
Acceptance criteria as stated in the issue
How to Test
List the steps to test the PR
These steps are generic, please adjust as necessary.
npm install
andnpm test
in the local frontend directory and ensure they succeed gracefullyDeliverable 1: Accepted Features
As Product Owner, @lfrohlich will decide if ACs are met.
Deliverable 2: Tested Code
Deliverable 3: Properly Styled Code
Deliverable 4: Accessible
n/a
Deliverable 5: Deployed
Deliverable 6: Documented
Deliverable 7: Secure
no new issues detected
Deliverable 8: Context