Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-72440

Rebuild npm-shrinkwrap.json (to fix some small inconsistencies)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 3.9.9, 3.10.6, 3.11.2, 4.0
    • 3.9.10, 3.10.7, 3.11.3
    • General, JavaScript
    • MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_39_STABLE, MOODLE_400_STABLE
    • MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_39_STABLE
    • MDL-72440_311
    • Hide

      Devs don't need to use npm install normally, a simple npm ci should, always, lead to consistent and stable stuff installed, ready to run everything in "gruntland".

      Show
      Devs don't need to use npm install normally, a simple npm ci should, always, lead to consistent and stable stuff installed, ready to run everything in "gruntland".
    • Hide

      Really there aren't any package changes with this issue, so no feature testing is needed. So just:

      1. Delete node_modules dir: rm -fr node_modules
      2. Remove npm caches: npm cache clear --force
      3. Run npm install, once it finishes and, apart from any warning, audit results:
        1. Verify that there aren't changes to the npm-shrinkwrap.json file
        2. Execute grunt and verify that it runs all tasks ok: npx grunt
      Show
      Really there aren't any package changes with this issue, so no feature testing is needed. So just: Delete node_modules dir: rm -fr node_modules Remove npm caches: npm cache clear --force Run npm install , once it finishes and, apart from any warning, audit results: Verify that there aren't changes to the npm-shrinkwrap.json file Execute grunt and verify that it runs all tasks ok: npx grunt

    Description

      Few days ago (MDL-72014) a good number of nodejs stuff was updated.

      At the time of rebuilding the lock file (npm-shrinkwrap.json) it all was apparently ok and stable. But it has started to generate some changes to the lock file when npm install is used. These are the changes:

      diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json
      index 8b75c7b79c1..758fb023909 100644
      --- a/npm-shrinkwrap.json
      +++ b/npm-shrinkwrap.json
      @@ -311,7 +311,8 @@
               },
               "lodash": {
                 "version": "4.17.15",
      -          "resolved": "",
      +          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
      +          "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==",
                 "dev": true
               }
             }
      @@ -1304,7 +1305,8 @@
               },
               "lodash": {
                 "version": "4.17.15",
      -          "resolved": "",
      +          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
      +          "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==",
                 "dev": true
               }
             }
      @@ -1394,7 +1396,8 @@
               },
               "lodash": {
                 "version": "4.17.15",
      -          "resolved": "",
      +          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
      +          "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==",
                 "dev": true
               }
             }
      

      It seems that the "lodash" package has got some integrity checks that was missing last week. I've looked for more cases in the lock file and that's the unique one.

      So this issue is about to:

      Attachments

        Issue Links

          Activity

            People

              stronk7 Eloy Lafuente (stronk7)
              stronk7 Eloy Lafuente (stronk7)
              Sara Arjona (@sarjona) Sara Arjona (@sarjona)
              Jun Pataleta Jun Pataleta
              Jun Pataleta Jun Pataleta
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Andrew Lyons, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Stevani Andolo
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                13/Sep/21

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour, 41 minutes
                  1h 41m