Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[IDS-5273] Chore: Update deps to ensure using core-js 3.x #399

Merged
merged 6 commits into from
Jan 13, 2025
Merged

[IDS-5273] Chore: Update deps to ensure using core-js 3.x #399

merged 6 commits into from
Jan 13, 2025

Conversation

sauntimo
Copy link
Contributor

@sauntimo sauntimo commented Jan 6, 2025
edited
Loading

Warning

this build produces a static asset which is too big to deploy using the extensions deployment tool and will be fixed in the next PR to update the fsevents dependency. Don't roll back to this version.

✏️ Changes

  • We don't use core-js as a top level dependency but it is a sub-dependency a few times over, and in particular through babel.
  • I've used npm overrides to force babel-runtime, @babel/runtime and @babel/runtime-corejs2 to use @babel/runtime-corejs3, and to override any other usage of core-js to [email protected]
  • I've removed several babel plugins in favour of @babel/preset-env which includes them
  • A couple of other dependencies are updated to avoid outdated version of core-js
  • a few "browserfiy" dependencies are removed in favour of node-polyfill-webpack-plugin which is easier than managing them all separately.
  • Note that I pushed a commit to https://github.com/auth0-extensions/auth0-extensions-cli/tree/hacky-fix which you will need to npm link to build the extension.
  • note, this fixes the socket.dev issue that the previous 2.x version of core-js is deprecated. It does not fix the socket.dev issue that core-js uses install scripts, because the most recent version still does.

🔗 References

🎯 Testing

  • ✅ 40/40 integration tests passing against a layer0 dev space
  • ✅ 145/145 unit tests passing locally
  • ✅ installed in a prod tenant (eu2) and smoke test manually using demozero extensions page

🚀 Deployment

✅ This can be deployed any time

🎡 Rollout

In order to verify that the deployment was successful we will test in a prod space both before and after we make this version available to customers.

🔥 Rollback

If there are issues with this version we will follow the disaster recovery plan for the authz extension.

@sauntimo sauntimo added the dependencies Pull requests that update a dependency file label Jan 6, 2025
@sauntimo sauntimo self-assigned this Jan 6, 2025
@sauntimo sauntimo mentioned this pull request Jan 10, 2025
Merged
fbgoode
fbgoode approved these changes Jan 10, 2025
View reviewed changes
Copy link

@fbgoode fbgoode left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, did exploratory testing in dev space

@sauntimo sauntimo marked this pull request as ready for review January 13, 2025 09:05
@sauntimo sauntimo merged commit 24014d1 into master Jan 13, 2025
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fbgoode fbgoode fbgoode approved these changes

Assignees

@sauntimo sauntimo

Labels
dependencies Pull requests that update a dependency file security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sauntimo @fbgoode