[wp-trac] [WordPress Trac] #57657: Update/Audit NPM Dependencies for 6.3

WordPress Trac noreply at wordpress.org
Thu Jul 20 17:40:08 UTC 2023 

#57657: Update/Audit NPM Dependencies for 6.3
-------------------------------------+---------------------
 Reporter:  desrosj                  |       Owner:  (none)
     Type:  task (blessed)           |      Status:  closed
 Priority:  normal                   |   Milestone:  6.3
Component:  Build/Test Tools         |     Version:
 Severity:  normal                   |  Resolution:  fixed
 Keywords:  has-patch needs-refresh  |     Focuses:
-------------------------------------+---------------------
Changes (by desrosj):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 @tanjimtc71 Apologies that your pull request did not get the attention it
 needed for 6.3. There are still some outdated dependencies in the 6.3
 branch (including the ones addressed in the PR and mentioned above), but
 looking at what they are, I don't feel strongly enough to update them
 during RC. I'm going to close this out and we can circle back to them in
 #58863.

 One rule of thumb to keep in mind for the future. There are currently two
 types of dependencies for WordPress: ones that are used in the build
 processes and development tools (`cssnano`, `dotenv`, `grunt-contrib-
 clean`, etc.), and ones that include an external library that is processed
 within the build process (polyfills such as `imagesloaded`, `moment`,
 `jquery`, etc.).

 Updates for the former are usually handled here because their impact on
 the built software that's eventually released to the world is typically
 minimal to zero. Updates to the latter are usually handled in either
 individual separate tickets (such as #58083 for `jquery` or #56731 for
 `imagesloaded`), or a separate overarching ticket for updating lesser used
 ones (such as #56670 or #57646). External library updates like these
 usually require more visibility since updates could potentially impact
 3rd-party code.

 #56658 will also be addressing the problems with NodeJS version
 constraints (requiring 16.x+) in the next few weeks, so dependencies can
 be updated more comprehensively after that.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/57657#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list