You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Deprecated Packages Several packages such as @lerna/package, @lerna/project, and @lerna/validation-error are marked as deprecated. Using deprecated packages can lead to future compatibility issues and lack of support. Consider finding alternatives or updating to supported versions if available.
Engine Restrictions Some packages have specific engine restrictions, such as node_modules/@testing-library/dom which requires node version >=18. This could potentially limit the project's compatibility with certain Node.js versions. Ensure that these restrictions align with the project's deployment environments.
Peer Dependencies Multiple packages have been added with the peer: true flag, indicating they are peer dependencies. This setup requires the consuming projects to have these dependencies installed. It's crucial to document these requirements or reconsider if they should be direct dependencies instead.
Replace deprecated package with a supported alternative
It's recommended to avoid using deprecated packages as they may not receive updates or security patches. The package @lerna/package is marked as deprecated. Consider finding an alternative package or verify if a newer, supported version is available.
-"deprecated": "Package no longer supported. Contact Support at https://www.npmjs.com/support for more info."+"deprecated": false
Suggestion importance[1-10]: 8
Why: The suggestion correctly identifies the use of a deprecated package, which is a significant issue as it may not receive updates or security patches. Replacing it with a supported alternative is important for maintaining the security and stability of the project.
8
Ensure correct setting of the dev property for production dependencies
The dev property is set to true for the @lerna/project package, which might not be intended for production dependencies. If this package is required for production, consider setting dev to false.
Why: The suggestion addresses a potential issue where a package might be incorrectly marked as a development dependency. Ensuring the correct setting of the dev property is important for proper dependency management, especially in production environments.
7
Enhancement
Broaden the node version compatibility in the engines field
The engines field for @testing-library/dom specifies a node version that is too restrictive ("node": ">=18"). This could lead to compatibility issues with projects using an earlier version of node. Consider supporting a wider range of node versions.
Why: The suggestion to broaden the node version compatibility is valid as it can prevent compatibility issues for users with earlier node versions. However, the decision to support older versions should be balanced with the need for newer features and security updates.
6
Best practice
Pin the graphql dependency to an exact version to ensure stability
The version of graphql added is specified with a caret (^), which allows minor updates. Given the critical nature of this dependency, consider pinning it to an exact version to avoid unexpected issues from automatic updates.
Why: Pinning the graphql dependency to an exact version can help avoid unexpected issues from automatic updates. However, this suggestion is more of a best practice rather than a critical change, as it limits the ability to receive minor updates that may include important fixes.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
bh2smith
requested review from
GAllen98,
marcelokunze,
tifrel,
SurgeCode,
sainthiago,
microchipgnu,
nategeier,
Jxnis and
rubenmarcus
as code owners
mintbase-codium-pr-agent
bot
added
enhancement
User description
Ideally this resolve the missing peer dependency issue experienced in bh2smith/neareth-tunnel#10
Closes #549
PR Type
enhancement, dependencies
Description
graphqlas a direct dependency to resolve missing peer dependency issues.@mintbase-js/sdkfrom version 0.6.2 to 0.6.5 to ensure compatibility and improvements.@lerna/package,@lerna/project, and@testing-library/domto support development and testing.graphqlversion from 16.8.1 to 16.9.0 for better performance and features.Changes walkthrough 📝
package-lock.json
Update dependencies and add `graphql` as a direct dependencypackage-lock.json
graphqlas a direct dependency.@mintbase-js/sdkfrom version 0.6.2 to 0.6.5.@lerna/package,@lerna/project, and@testing-library/dom.graphqlversion from 16.8.1 to 16.9.0.package.json
Add `graphql` as a direct dependency in package.jsonpackages/data/package.json
graphqlas a direct dependency.@mintbase-js/sdkfrom version 0.6.2 to 0.6.5.