search

Budibase / budibase

Low code platform for building business apps and workflows in minutes. Supports PostgreSQL, MySQL, MariaDB, MSSQL, MongoDB, Rest API, Docker, K8s, and more 🚀
https://budibase.com
Other
22.84k stars 1.58k forks source link

The yarn.lock file of @budibase/server shows dependencies that have been removed. #10113

Closed zhengtulymGh closed 1 year ago

zhengtulymGh commented 1 year ago

@budibase/server relies on @budibase/backend-core. I have already removed bcrypt "5.0.1" in @budibase/backend-core. Why does the yarn.lock file of @budibase/server still show a dependency onbcrypt "5.0.1" when I execute lerna bootstrap -- --production --no-optional && lerna link?`

I have already tried deleting the yarn.lock file and running yarn clean", then executing "lerna bootstrap -- --production --no-optional && lerna link, but the problem still occurs.

system: MacOS Monterey 12.2.1 node: v16.19.1 lerna: v6.5.1 yarn: v1.22.19

dependencies of @budibase/backend-core

{
    "@budibase/types": "^1.3.11",
    "@shopify/jest-koa-mocks": "5.0.1",
    "@techpass/passport-openidconnect": "0.3.2",
    "aws-sdk": "2.1030.0",
    "dotenv": "16.0.1",
    "emitter-listener": "1.1.2",
    "ioredis": "4.28.0",
    "joi": "17.6.0",
    "jsonwebtoken": "8.5.1",
    "koa-passport": "4.1.4",
    "lodash": "4.17.21",
    "lodash.isarguments": "3.1.0",
    "node-fetch": "2.6.7",
    "passport-google-auth": "1.0.2",
    "passport-google-oauth": "2.0.0",
    "passport-jwt": "4.0.0",
    "passport-local": "1.0.0",
    "passport-oauth2-refresh": "^2.1.0",
    "posthog-node": "1.3.0",
    "pouchdb": "7.3.0",
    "pouchdb-adapter-memory": "7.2.2",
    "pouchdb-find": "7.2.2",
    "pouchdb-replication-stream": "1.2.9",
    "redlock": "4.2.0",
    "sanitize-s3-objectkey": "0.0.1",
    "semver": "7.3.7",
    "soap": "^0.45.0",
    "tar-fs": "2.1.1",
    "uuid": "8.3.2",
    "winston": "^3.8.1",
    "winston-daily-rotate-file": "^4.7.1",
    "zlib": "1.0.5"
}

dependencies of @budibase/server

{
        "@apidevtools/swagger-parser": "10.0.3",
        "@budibase/backend-core": "^1.3.11",
        "@budibase/client": "^1.3.11",
        "@budibase/pro": "1.3.11",
        "@budibase/string-templates": "^1.3.11",
        "@budibase/types": "^1.3.11",
        "@bull-board/api": "3.7.0",
        "@bull-board/koa": "3.9.4",
        "@elastic/elasticsearch": "7.10.0",
        "@koa/router": "8.0.0",
        "@sendgrid/mail": "7.1.1",
        "@sentry/node": "6.17.7",
        "@vivo/ks3": "^0.4.1",
        "airtable": "0.10.1",
        "arangojs": "7.2.0",
        "aws-sdk": "2.1030.0",
        "bull": "4.8.5",
        "chmodr": "1.2.0",
        "crypto": "^1.0.1",
        "csvtojson": "2.0.10",
        "curlconverter": "^3.21.0",
        "dayjs": "^1.10.5",
        "docker-compose": "0.23.6",
        "dotenv": "8.2.0",
        "download": "8.0.0",
        "elastic-apm-node": "3.38.0",
        "fix-path": "3.0.0",
        "fs-extra": "8.1.0",
        "global-agent": "3.0.0",
        "ioredis": "4.28.0",
        "is-wsl": "^2.2.0",
        "jimp": "0.16.1",
        "joi": "17.6.0",
        "js-yaml": "4.1.0",
        "jsonschema": "1.4.0",
        "knex": "0.95.15",
        "koa": "2.7.0",
        "koa-body": "4.2.0",
        "koa-compress": "4.0.1",
        "koa-connect": "2.1.0",
        "koa-pino-logger": "3.0.0",
        "koa-send": "5.0.0",
        "koa-session": "5.12.0",
        "koa-static": "5.0.0",
        "koa2-ratelimit": "1.1.1",
        "lodash": "4.17.21",
        "memorystream": "0.3.1",
        "mongodb": "3.6.3",
        "mssql": "6.2.3",
        "mysql2": "2.3.3",
        "node-fetch": "2.6.7",
        "open": "8.4.0",
        "pg": "8.5.1",
        "pino-pretty": "4.0.0",
        "posthog-node": "1.3.0",
        "pouchdb": "7.3.0",
        "pouchdb-adapter-memory": "7.2.2",
        "pouchdb-all-dbs": "1.0.2",
        "pouchdb-find": "7.2.2",
        "pouchdb-replication-stream": "1.2.9",
        "redis": "4",
        "request": "^2.88.2",
        "server-destroy": "1.0.1",
        "snowflake-promise": "^4.5.0",
        "svelte": "3.49.0",
        "swagger-parser": "10.0.3",
        "to-json-schema": "0.2.5",
        "uuid": "3.3.2",
        "validate.js": "0.13.1",
        "vm2": "3.9.6",
        "worker-farm": "1.7.0",
        "xml2js": "0.4.23",
        "yargs": "13.2.4",
        "zlib": "1.0.5"
    }

yarn.lock of @budibase/server

"@budibase/backend-core@1.3.11":
  version "1.3.11"
  resolved "http://npm.vivo.com.cn/@budibase%2fbackend-core/-/backend-core-1.3.11.tgz#ecd2125a97d7edd8c290caea659af01b08d456f7"
  integrity sha512-JwZlHml5E4BCSRc94dUvM88ZWb6ZKogdaws366XQy0aa70z7M191LpsPP3x3mKZDg4H2hNNv2k4mQZBQBv0l8A==
  dependencies:
    "@budibase/types" "^1.3.11"
    "@shopify/jest-koa-mocks" "5.0.1"
    "@techpass/passport-openidconnect" "0.3.2"
    aws-sdk "2.1030.0"
    bcrypt "5.0.1"
    dotenv "16.0.1"
    emitter-listener "1.1.2"
    ioredis "4.28.0"
    joi "17.6.0"
    jsonwebtoken "8.5.1"
    koa-passport "4.1.4"
    lodash "4.17.21"
    lodash.isarguments "3.1.0"
    node-fetch "2.6.7"
    passport-google-auth "1.0.2"
    passport-google-oauth "2.0.0"
    passport-jwt "4.0.0"
    passport-local "1.0.0"
    passport-oauth2-refresh "^2.1.0"
    posthog-node "1.3.0"
    pouchdb "7.3.0"
    pouchdb-find "7.2.2"
    pouchdb-replication-stream "1.2.9"
    redlock "4.2.0"
    sanitize-s3-objectkey "0.0.1"
    semver "7.3.7"
    tar-fs "2.1.1"
    uuid "8.3.2"
    zlib "1.0.5"
mike12345567 commented 1 year ago

Hi @zhengtulymGh - the yarn.lock file is auto-generated based on all the dependencies that will need to be installed to make the package function, this includes dependents of dependents. If you look into the server's node_modules you'll find bcrypt has been installed and is in use - this is expected behaviour for the yarn.lock file.