web: Update Deprecated NPM Packages#18335
Conversation
✅ Deploy Preview for authentik-docs canceled.
|
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-integrations canceled.
|
| dispatcher.addEventListener("esbuild:error", listener); | ||
| dispatcher.addEventListener("esbuild:end", listener); | ||
|
|
||
| const keepAliveInterval = setInterval(() => { |
There was a problem hiding this comment.
Fixes linter error about variable hoisting
| "no-func-assign": "error", | ||
| "no-implied-eval": "error", | ||
| "no-implicit-coercion": "error", | ||
| "no-implicit-coercion": ["error", { allow: ["!!"] }], |
There was a problem hiding this comment.
This is more consistent with the usage we use in web where the rule is disabled.
| * ESLint configuration for JavaScript authentik projects. | ||
| */ | ||
| export const javaScriptConfig = tseslint.config({ | ||
| export const javaScriptConfig = defineConfig({ |
There was a problem hiding this comment.
Fixes TSLint's warning about the deprecated config helper.
| { | ||
| ignores: ignorePatterns, | ||
| languageOptions: { | ||
| parserOptions, |
There was a problem hiding this comment.
Allows consumer of this package to provide a root directory to resolve types. This allows VS Code's ESLint extension to correctly report errors.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #18335 +/- ##
==========================================
+ Coverage 92.71% 92.97% +0.25%
==========================================
Files 894 894
Lines 48920 48920
==========================================
+ Hits 45356 45482 +126
+ Misses 3564 3438 -126
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| "@goauthentik/prettier-config": "../prettier-config", | ||
| "@goauthentik/tsconfig": "../tsconfig", |
There was a problem hiding this comment.
*-config packages are published without developer dependencies, allowing us to avoid a hard version here. This also fixes an timing issue when attempting to bump the version of multiple packages at the same time.
| @@ -0,0 +1,17 @@ | |||
| /** | |||
There was a problem hiding this comment.
This technically isn't used, but it is a transitive dependency of rapidoc via Swagger API. The original package is a linchpin for several legacy dependencies which are either no longer in use, or have a more recent patch without reported vulnerabilities.
|
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-2c02f853270d0e472f8fd2d3804d263a20df0995
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sAfterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-2c02f853270d0e472f8fd2d3804d263a20df0995Afterwards, run the upgrade commands from the latest release notes. |
Details
This PR upgrades several long-standing packages which report outdated and deprecation warnings during installation.
Web packages
SFE Rollup
FormDatapolyfill package has been vendored to remove several warnings about dependencies which the author needed to build the package. The code executed during runtime is quite small.rollup-plugin-copywith Node's built-infsAPI. We're only copying a single Bootstrap.css file so this was pretty painless.Lex (QL Search)
This package has been marked as deprecated but is required for our QL search. Lex is quite small and has been vendored into a single JS file.
*-configpackagesOur shared config files for ESLint, Prettier, and TypeScript have had all their peer dependencies bumped to the latest ranges, allowing Dependabot's PRs to work again.
Additionally, each of these dependencies now supports linting and formatting before publishing.
E2E Test Dependencies
The diamond-shaped dependency graph of ESBuild, Vitest, Storybook, and Playwright has been detangled, for now. ESBuild's sub-zero package numbers continues to make this a recurring issue, but this gets us on the latest everything.