Closed valefar-on-discord closed 7 months ago
On yarn install
, I'm seeing:
➤ YN0000: ┌ Post-resolution validation
➤ YN0002: │ wagyukeygen@workspace:. doesn't provide react-is (pc32ff), requested by styled-components.
➤ YN0086: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code.
➤ YN0000: └ Completed
but I'm guessing this is unrelated to this PR.
Running yarn npm audit
reveals that we have a few package worth upgrading:
├─ @material-ui/core
│ ├─ ID: @material-ui/core (deprecation)
│ ├─ Issue: Material UI v4 doesn't receive active development since September 2021. See the guide https://mui.com/material-ui/migration/migration-v4/ to upgrade to v5.
│ ├─ Severity: moderate
│ ├─ Vulnerable Versions: 4.12.3
│ │
│ ├─ Tree Versions
│ │ └─ 4.12.3
│ │
│ └─ Dependents
│ └─ wagyukeygen@workspace:.
│
├─ @material-ui/icons
│ ├─ ID: @material-ui/icons (deprecation)
│ ├─ Issue: You can now upgrade to @mui/icons. See the guide: https://mui.com/guides/migration-v4/
│ ├─ Severity: moderate
│ ├─ Vulnerable Versions: 4.11.2
│ │
│ ├─ Tree Versions
│ │ └─ 4.11.2
│ │
│ └─ Dependents
│ └─ wagyukeygen@workspace:.
│
└─ @material-ui/lab
├─ ID: @material-ui/lab (deprecation)
├─ Issue: Material UI v4 doesn't receive active development since September 2021. See the guide https://mui.com/material-ui/migration/migration-v4/ to upgrade to v5.
├─ Severity: moderate
├─ Vulnerable Versions: 4.0.0-alpha.60
│
├─ Tree Versions
│ └─ 4.0.0-alpha.60
│
└─ Dependents
└─ wagyukeygen@workspace:.
This could be in another PR or as part of another effort.
On
yarn install
, I'm seeing:➤ YN0000: ┌ Post-resolution validation ➤ YN0002: │ wagyukeygen@workspace:. doesn't provide react-is (pc32ff), requested by styled-components. ➤ YN0086: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code. ➤ YN0000: └ Completed
but I'm guessing this is unrelated to this PR.
This is a result of styled-components
version we are using 5.3.3
. They moved react-is
as a devDependency requiring others to install it or use packageExtensions
in yarnrc - https://github.com/styled-components/styled-components/pull/2187#issuecomment-602057373
A bit annoying but I added a commit to fix this issue.
Running
yarn npm audit
reveals that we have a few package worth upgrading:This could be in another PR or as part of another effort.
Yeah, I think upgrading to material v5 should be a separate effort. I'll look into it.
Upgrading to yarn v4.1.0 and adding
enableHardenedMode: true
to.yarnrc.yml
to protect against lockfile dependency injection attacks: https://github.com/yarnpkg/berry/discussions/4136To test: Pull refresh version of this branch Make sure running >= Node v18
yarn install
yarn buildcli
yarn build
yarn start
Should run with no regressions and no local files should be modified