Upgrade strong-globalize to the latest version

[bajtos]

In a typical application, there are multiple versions (and copies) of strong-globalize in the dependency tree.

Take our examples/todo as an example:

$ npm ls strong-globalize
@loopback/example-todo@2.0.0 /private/tmp/loopback4-example-todo
├─┬ @loopback/repository@1.19.1
│ └─┬ loopback-datasource-juggler@4.18.1
│   ├─┬ loopback-connector@4.10.1
│   │ └── strong-globalize@5.0.5  deduped
│   └── strong-globalize@5.0.5
├─┬ @loopback/rest@2.0.0
│ └─┬ strong-error-handler@3.4.0
│   └── strong-globalize@5.0.5  deduped
└─┬ loopback-connector-rest@3.6.0
  └── strong-globalize@4.1.3

At the moment, require('strong-globalize') is taking about 0.3s (see https://github.com/strongloop/strong-globalize/issues/158). Every copy of the module adds another 1/3 of a second to the application load time.

Let's upgrade strong-globalize to the latest version in LB modules maintained by StrongLoop (unless they are in Active or Maintenance LTS mode).

Acceptance criteria

• [ ] Figure out a solution for the node version's compatibility first, see comment https://github.com/strongloop/loopback-next/issues/4585#issuecomment-584802077

• [ ] Check the following packages and update strong-globalize dependency if needed. The list is based on https://github.com/strongloop-internal/scrum-apex/issues/372:

Connectors

• [x] loopback-connector
• [ ] loopback-connector-cassandra
• [x] loopback-connector-cloudant
• [x] loopback-connector-couchdb2 https://github.com/strongloop/loopback-connector-couchdb2/pull/75
• [x] loopback-connector-dashdb
• [x] loopback-connector-db2
• [ ] loopback-connector-db2iseries
• [ ] loopback-connector-db2z
• [x] loopback-connector-ibmi
• [ ] loopback-connector-grpc
• [ ] loopback-connector-informix
• [x] loopback-connector-jsonrpc
• [ ] loopback-connector-kv-extreme-scale
• [ ] loopback-connector-kv-redis
• [x] loopback-connector-mongodb
• [ ] loopback-connector-mqlight
• [x] loopback-connector-mssql
• [x] loopback-connector-mysql
• [x] loopback-connector-oracle
• [x] loopback-connector-postgresql https://github.com/strongloop/loopback-connector-postgresql/pull/426
• [x] loopback-connector-remote
• [x] loopback-connector-rest
• [x] loopback-connector-soap
• [x] loopback-connector-swagger
• [x] loopback-connector-openapi
• [x] loopback-connector-zosconnectee
• [x] loopback-connector-jsonrpc
• [x] loopback-connector

Others

• [ ] strong-remoting
• [ ] loopback-phase
• [ ] loopback-datasource-juggler
• [ ] loopback
• [ ] loopback-filters
• [ ] loopback-sdk-angular
• [ ] loopback-sdk-angular-cli
• [ ] grunt-loopback-sdk-angular
• [ ] gulp-loopback-sdk-angular
• [ ] loopback-workspace
• [ ] loopback-sandbox
• [ ] generator-loopback
• [ ] loopback-boot
• [ ] loopback-swagger
• [ ] loopback-component-explorer
• [ ] loopback-component-push
• [ ] loopback-component-storage
• [ ] loopback-cli
• [ ] loopback-context
• [ ] loopback-soap
• [ ] loopback-component-passport

[dhmlau]

@bajtos, I've updated the original description with the list of repos. I'm not sure whether we need to update for *loopback-sdk* repos.

[bajtos]

The following modules are in LTS modes, I am not sure if it's a good idea to update them - I am not sure about the impact of breaking changes made in strong-globalize on the consumers of those modules.

Maybe we can leave them out from the first wave of upgrades?

• strong-remoting
• loopback-phase
• loopback
• loopback-filters
• loopback-sdk-angular
• loopback-sdk-angular-cli
• grunt-loopback-sdk-angular
• gulp-loopback-sdk-angular
• loopback-workspace
• loopback-sandbox
• generator-loopback
• loopback-boot
• loopback-swagger
• loopback-component-explorer
• loopback-component-push
• loopback-component-storage
• loopback-cli
• loopback-context
• loopback-soap
• loopback-component-passport

Important: loopback-datasource-juggler is used by LB4, we need to update it.

[jannyHou]

The latest strong-globalize requires node>=8.9, but not all repos are compatible, e.g. loopback-connector-cloudant's node version limit is >8.

A possible solution: upgrade the strong-globalize version and node engine then make a major release.

Another thing to consider: all connectors have juggler3.x as dev-dependency, which also has the engine limit as >8.

[bajtos]

Thank you @jannyHou for pointing out important details we should keep in consideration.

Since Node.js 8.x has reached end of life in December 2019, it's perfectly fine to stop supporting in actively developed repositories (e.g. connectors) and it's probably ok to drop it from repos in LTS mode too.

upgrade the strong-globalize version and node engine then make a major release.

+1, I agree with your proposal. While bumping up the minimal supported Node.js version, let's set it to Node.js 10.x, the oldest major version that's still maintained.

[bajtos]

As part of releasing a new semver-major version of the connectors, we should update LTS information README files. Move the Current version to Active LTS, the Active LTS version to Maintenance LTS, and check which Maintenance LTS versions has reached end of life. See https://loopback.io/doc/en/contrib/Long-term-support.html

[stale[bot]]

This issue has been marked stale because it has not seen activity within six months. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository. This issue will be closed within 30 days of being stale.

[stale[bot]]

This issue has been closed due to continued inactivity. Thank you for your understanding. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository.