separate dupe check and readme

silas-x 2023-01-26 15:30:18 +00:00
parent e11f71bdd4
commit aa301c8562
3 changed files with 7 additions and 4 deletions

@ -19,6 +19,9 @@ jobs:
node-version: '18' node-version: '18'
cache: 'yarn' cache: 'yarn'
- name: Check dep dupes
run: yarn ci-dupe-check
- name: Install dependencies - name: Install dependencies
run: yarn ci run: yarn ci
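
Review bot: the new `Check dep dupes` step sits before `Install dependencies`, so when `yarn ci-dupe-check` calls `npx yarn-deduplicate --list --fail` there is no installed copy in `node_modules` and npx resolves the tool from the registry at run time, outside `yarn.lock` and the `--frozen-lockfile` install. Consider pinning the version in the script (e.g. `npx yarn-deduplicate@<version>`) or adding it as a devDependency and running the check after the install step, so the tool that gates CI is itself locked.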

@ -8,13 +8,13 @@ When updating dependencies, there are various files that must be kept up-to-date
- Instead of running `yarn` or `yarn install`, run `yarn setup` to ensure the `yarn.lock` file is in sync and that dependency scripts are run according to the `allowScripts` policy (set in `packages.json`) - Instead of running `yarn` or `yarn install`, run `yarn setup` to ensure the `yarn.lock` file is in sync and that dependency scripts are run according to the `allowScripts` policy (set in `packages.json`)
- If `lavamoat` detects new scripts that are not explicitely allowed/denied, it'll throw and error with details (see below) - If `lavamoat` detects new scripts that are not explicitely allowed/denied, it'll throw and error with details (see below)
- The `postinstall` step will dedupe the `yarn.lock` file to rationalise the dependency tree - Running `yarn setup` will also dedupe the `yarn.lock` file to reduce the dependency tree. Note CI will fail if there are dupes in `yarn.lock`!
The `allowScripts` configuration in `package.json`: The `allowScripts` configuration in `package.json`:
- There are two ways to configure script policies: - There are two ways to configure script policies:
⋅⋅* Update the allow-scripts section manually by adding the missing package in the `allowScripts` section in `package.json` 1. Update the allow-scripts section manually by adding the missing package in the `allowScripts` section in `package.json`
⋅⋅* Run `yarn allow-scripts auto` to update the `allowScripts` configuration automatically 2. Run `yarn allow-scripts auto` to update the `allowScripts` configuration automatically
- Review each new package to determine whether the install script needs to run or not, testing if necessary. - Review each new package to determine whether the install script needs to run or not, testing if necessary.
- Use `npx can-i-ignore-scripts` to help assessing whether scripts are needed - Use `npx can-i-ignore-scripts` to help assessing whether scripts are needed
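
Review bot: the rewritten dedupe bullet warns that CI fails on dupes in `yarn.lock` but does not say how to reproduce that check locally; naming `yarn ci-dupe-check` in the same bullet would let contributors catch the failure before pushing. While this block is being touched, the first bullet still says the `allowScripts` policy is set in `packages.json` where the following section says `package.json`, and the second bullet carries the typos "explicitely" and "throw and error".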

@ -4,7 +4,7 @@
"private": true, "private": true,
"scripts": { "scripts": {
"setup": "yarn install && npx yarn-deduplicate && yarn allow-scripts && yarn bigint-fix", "setup": "yarn install && npx yarn-deduplicate && yarn allow-scripts && yarn bigint-fix",
"ci": "yarn ci-dupe-check && yarn install --frozen-lockfile --network-concurrency 1 --color=always && yarn allow-scripts && yarn bigint-fix", "ci": "yarn install --frozen-lockfile --network-concurrency 1 --color=always && yarn allow-scripts && yarn bigint-fix",
"ci-dupe-check": "npx yarn-deduplicate --list --fail", "ci-dupe-check": "npx yarn-deduplicate --list --fail",
"bigint-fix": "cd node_modules/bigint-buffer && yarn rebuild && cd ../../", "bigint-fix": "cd node_modules/bigint-buffer && yarn rebuild && cd ../../",
"dev": "rm -rf .next && next dev", "dev": "rm -rf .next && next dev",
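
Review bot: with `yarn ci-dupe-check` dropped from the front of the `ci` script, the duplicate check is enforced only where a workflow runs it as a separate step, so any other job or local run that calls `yarn ci` now installs without it. Confirm that every workflow invoking `yarn ci` also has the `Check dep dupes` step, or document in the README that `ci` alone no longer fails on a lockfile with dupes.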