tea icon indicating copy to clipboard operation
tea copied to clipboard
verified publisher icon FriendsOfTYPO3

Fix the `package.json` for Dependabot

Open oliverklee opened this issue 1 year ago • 4 comments

Goal

The package.json is fixed

Acceptance criteria

  • [x] no errors related to package.json in Dependabot

Additional information

It seems we have broken package.json in a way that throws Dependabot off: https://github.com/FriendsOfTYPO3/tea/network/updates/886067788

Dependabot failed to update your dependencies because there was an error resolving your JavaScript dependency files.

Dependabot encountered the following error:

Dependabot uses Node.js v20.17.0 and NPM 10.8.2. Due to the engine-strict setting, the update will not succeed.

oliverklee avatar Jun 06 '24 14:06 oliverklee

We'll probably need to allow Node.js 20 in package.json as well to unbreak Dependabot.

oliverklee avatar Sep 17 '24 09:09 oliverklee

Fixed by #1457.

oliverklee avatar Sep 17 '24 10:09 oliverklee

Reopening as Dependabot still has problems:

https://github.com/FriendsOfTYPO3/tea/network/updates/886128238 Dependabot uses Node.js v20.17.0 and NPM 10.8.2. Due to the engine-strict setting, the update will not succeed.

oliverklee avatar Sep 17 '24 10:09 oliverklee

No, still not solved: https://github.com/FriendsOfTYPO3/tea/network/updates/886222075

Reopening.

We should find out what this "engine-strict setting" is and how to work with it.

oliverklee avatar Sep 17 '24 13:09 oliverklee

Found this https://github.com/dependabot/dependabot-core/issues/4072. As far as I understand best would be to include the version dependabot needs.

linxpinx avatar Oct 18 '24 15:10 linxpinx