search

seppevs / migrate-mongo

A database migration tool for MongoDB in Node
MIT License
926 stars 163 forks source link

Replace Lodash with Smaller Modular Packages for Improved Performance and to remove security vulnerabilities #447

Open prashantswami opened 3 months ago

prashantswami commented 3 months ago

Summary:

This PR replaces the use of the full Lodash library with smaller, modular Lodash packages. The goal is to optimize our application by reducing its bundle size, improving load times, and ensuring more efficient dependency management.

Details:

Benefits:

  1. Reduced Bundle Size: By importing only the specific functions we need, we significantly reduce the overall size of our application's bundle.
  2. Improved Load Times: Smaller bundles result in faster load times, enhancing the user experience, especially for users with slower network connections.
  3. Better Performance: Less code to parse and execute can lead to performance improvements in the application.
  4. Efficient Dependency Management: Using only necessary parts of a library promotes more efficient and maintainable code.

Security Concern:

We do use this package and blackduck (security scan) has identified issues in some of the files of loadsh.

Checklist
prashantswami commented 3 months ago

@seppevs Can we get this in as soon as possible. We are using this package and loadsh has security vulnerabilities.

Let me know if you need any help in this.

prashantswami commented 3 months ago

@seppevs can we get this in?

theogravity commented 2 months ago

I patched in your PR minus the i package into my fork (which also has way more features than this lib):

https://github.com/theogravity/migrate-mongo-alt