diff --git a/.circleci/check_yarn_issues.sh b/.circleci/check_yarn_issues.sh new file mode 100755 index 000000000..8398a4dcf --- /dev/null +++ b/.circleci/check_yarn_issues.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +rm -rf node_modules +yarn install --check-files --no-progress --no-colors 2> temp_yarn_output.txt 1>/dev/null +touch yarn_issues_assessed.txt +grep -E "^(error|warning)" temp_yarn_output.txt > yarn_issues.txt + +# skip all assessed errors and warnings +grep -vxFf yarn_issues_assessed.txt yarn_issues.txt > new_issues.txt + +if [ -s new_issues.txt ] +then + echo "New not yet assessed yarn issues found:" + cat new_issues.txt + rm temp_yarn_output.txt yarn_issues.txt new_issues.txt + exit 1 +fi + +rm temp_yarn_output.txt yarn_issues.txt new_issues.txt + + diff --git a/.circleci/config.yml b/.circleci/config.yml index 740efe876..13be281e1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -44,6 +44,7 @@ jobs: - run: command: | export CONTEXT="production" + sh .circleci/check_yarn_issues.sh yarn install ./deploy.sh diff --git a/DEPENDENCY_MANAGEMENT.md b/DEPENDENCY_MANAGEMENT.md new file mode 100644 index 000000000..356b48851 --- /dev/null +++ b/DEPENDENCY_MANAGEMENT.md @@ -0,0 +1,11 @@ +# Dependency Management +This document describes the current status of our dependency management and dependency assessment. + +# Never ignore errors and warnings +If `ỳarn` issues a `warning` or `error`then act on it and do an assessment. +Our CI/CD pipeline will check if there are warnings or errors that are new and not yet assessed. + +# Assessment of warnings and errors +If you spot yarn errors and warnings then fix it. If you think it is safe to ignore them, then add the warning or error +message to our [ignore list](./yarn_issues_assessed.txt) and put a comment line above it to inform other developers +why it is safe to ignore this message. diff --git a/README.md b/README.md index e405743fa..f6d26d047 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Live versions of the website are currently available in [German](https://www.dat ## Development Datenanfragen.de is designed as a static website, running on [Hugo](https://gohugo.io/) and [Preact](https://preactjs.com/). +Dependency management is done with yarn and a project-specific [dependency management](DEPENDENCY_MANAGEMENT.md) style. To build the project locally for development, follow these steps: diff --git a/yarn_issues_assessed.txt b/yarn_issues_assessed.txt new file mode 100644 index 000000000..05ed64c13 --- /dev/null +++ b/yarn_issues_assessed.txt @@ -0,0 +1,21 @@ +# This file contains a list of YARN warnings and errors that are allowed to be skipped by our CI/CD pipeline. +# All YARN warnings and errors not listed here will trigger a pipeline fail (by intention). +# Add comments above each line to describe the reason why it is save to ignore this YARN warning or error + +# Skip list incl reason: + +# as of 2024-01-17 the team ignores this warning without providing a reason. Reason may get provided at a later point in time +warning " > react-instantsearch-dom@6.26.0" has unmet peer dependency "algoliasearch@>= 3.1 < 5". +warning " > react-instantsearch-dom@6.26.0" has unmet peer dependency "react@>= 16.3.0 < 19". +warning " > react-instantsearch-dom@6.26.0" has unmet peer dependency "react-dom@>= 16.3.0 < 19". +warning "react-instantsearch-dom > algoliasearch-helper@3.8.2" has unmet peer dependency "algoliasearch@>= 3.1 < 5". +warning "react-instantsearch-dom > react-instantsearch-core@6.26.0" has unmet peer dependency "algoliasearch@>= 3.1 < 5". +warning "react-instantsearch-dom > react-instantsearch-core@6.26.0" has unmet peer dependency "react@>= 16.3.0 < 19". +warning " > react-scrollspy@3.4.3" has unmet peer dependency "react@>=0.14.0". +warning " > react-scrollspy@3.4.3" has unmet peer dependency "react-dom@>=0.14.0". +warning " > @this-dot/cypress-indexeddb@2.0.0" has incorrect peer dependency "cypress@< 12.6.0". +warning " > eslint-plugin-preact-i18n@1.1.0" has incorrect peer dependency "eslint@^4.0.0 || ^5.0.0". +warning " > postcss-fonticons@2.0.1" has incorrect peer dependency "postcss@^8.4.14". +warning " > postcss-loader@6.2.1" has incorrect peer dependency "webpack@^5.0.0". +warning " > stylelint-a11y@1.2.3" has incorrect peer dependency "stylelint@^8.0.0 || ^9.0.0 || ^10.0.0 || ^11.0.0 || ^12.0.0 || ^13.0.0". +warning " > stylelint-use-nesting@3.0.0" has incorrect peer dependency "stylelint@10 - 13".