-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(deps)!: remove swagger-ui-react
#13818
refactor(deps)!: remove swagger-ui-react
#13818
Conversation
swagger-ui-react
if swagger ui is removed from each operator's server should there be an entry in breaking changes/upgrading guide? |
It is breaking, so we could, although the UI itself tells you what to do and there is no upgrade instruction otherwise. The impacted UI page having a message for a deprecation window for the Archived List UI could have made sense too, i.e. a better option than #13371 I'm inclined to agree and note it in this case, although we do want to be careful about making the UI a "breakable" surface area and where to draw boundaries as it's not quite the same as the schema / API / etc "Public API" (also I noticed metrics are missing there) but rather a consumer of those. |
Could this be added to |
- replace with a versioned link to the Swagger UI in the Docs - and downloads of the current API spec and JSON schema to use your exact version locally - Note: the `download` doesn't seem to be working in my browser for some reason... Signed-off-by: Anton Gilgur <[email protected]>
- could leave them as-is, but they seem to be intended for use with the Swagger UI Signed-off-by: Anton Gilgur <[email protected]>
- client auth and access tokens are already described in other pages, can remove these and just link - remove bullet about interactive usage in the UI - update bullet about the swagger reference as it is always up-to-date (it pulls from `main`) and can be versioned now as well Signed-off-by: Anton Gilgur <[email protected]>
- shaves off a ton from the bundle (2nd biggest dep, only after Monaco Editor) - resolves CVEs that were specific to Swagger UI's deps by just removing them entirely Signed-off-by: Anton Gilgur <[email protected]>
Signed-off-by: Anton Gilgur <[email protected]>
Signed-off-by: Anton Gilgur <[email protected]>
Signed-off-by: Anton Gilgur <[email protected]>
51e58b3
to
d706239
Compare
Added an upgrading note in d706239 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for sorting this one
@agilgur5, could you resolve the conflicts and then we can merge and cut a 3.6.0-rc4 with this in? |
@Joibel I can take this over if you'd like, though I don't have access to push to https://github.com/agilgur5/argo-workflows/tree/refactor-remove-swagger-ui (which I'm assuming I'll get when my membership request goes through). I'm assuming the best way forward is to create a new PR with a branch forked from https://github.com/agilgur5/argo-workflows/tree/refactor-remove-swagger-ui. Does that sound reasonable? |
It requires write access on GH to push to PR, or Approver in Argoproj terms. I just added you as a collaborator to my fork for simplicity
Otherwise that would be the general process that has been done in the past and tends to be an easy way to give proper attribution |
Signed-off-by: Mason Malone <[email protected]>
@agilgur5 Thanks! It works, and I resolved the conflicts |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Partial fix for #13410 -- see #13821 for the other half to downgrade
react
that is a pure fix (vs this is a breaking change that is sizeable in its own right)Replaces #13069 to resolve CVEs by just removing
swagger-ui-react
entirelyMotivation
Removes the Swagger UI entirely from the UI as it is a gigantic dep (2nd largest only behind Monaco Editor) and often has vulnerable dependencies that are difficult to resolve without affecting other deps. According to #12061, this would shave off ~2MB / 826KB minified / 250KB gzipped from the UI bundle and will also speed up builds and installs as such.
It also no longer necessary to have in the UI as there is a Swagger UI in the docs after #10923 and the docs are versioned after #11390
Modifications
swagger-ui-react
dep@types/swagger-ui-react
devDep/apidocs
UI page with a few links: download the OpenAPI / Swagger spec, download the JSON schema, and go to the Swagger UI in the versioned documentationZeroState
component same as other pages, namely the Plugins pagetarget='blank'
andrel='noreferrer'
consistent with existing links in the UIDocs update
update and simplify REST API page
main
) and can be versioned now as wellVerification
Manually tested and confirmed the page works as intended. Screenshot of new API docs page:
Future Work
main