Every minor release we update dependencies to get the latest fixes and improvements. We do this early in the release cycle so that we have some more time to find regressions and issues. This is done on all folders with a package.json, including:
git checkout master && git pull
- get the latest codegit checkout -b "<issue>-update-dendencies"
- make a branchThen for each folder go through these steps.
npm ci
- update your local node_modules to match expectednpm outdated
- report on any dependencies which aren’t at the latestnpm install --save[-dev] package@version
- install the latest version (be careful and read the release notes if the new version is a major change from the current)npm dedupe
- remove duplicated dependenciesnpm audit fix
- automatically fix any nested dependencies with vulnerabilitiesnpm audit
- get a report on any remaining vulnerabilities and manually scan it to see if there’s anything else you can doapi/enketo-xslt
is the same as webapp/enketo-core/enketo-transformer/enketo-xslt
.webapp/jquery
is the same as webapp/enketo-core/jquery
.If npm ci
errors with “errno -17” in shared-libs you may need to manually remove the nested dependencies from the package-lock.json. This needs move investigation to work out why this is happening.
If you get TypeError: "$(...).select2 is not a function"
then either:
run dedupe
to remove the enketo-core copy.Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.