1397384812
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/json5/json5/releases">json5's releases</a>.</em></p> <blockquote> <h2>v2.2.3</h2> <ul> <li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li> </ul> <h2>v2.2.2</h2> <ul> <li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's changelog</a>.</em></p> <blockquote> <h3>v2.2.3 [<a href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3> <ul> <li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li> </ul> <h3>v2.2.2 [<a href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3> <ul> <li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|---|---|---|
| .. | ||
| ast | ||
| .gitignore | ||
| build-shared-dep.js | ||
| install-dependencies.js | ||
| package.json | ||
| Readme.md | ||
| run-tests.js | ||
| shared-dependencies.json | ||
| verify-shared-dep.js | ||
Shared Dependencies
We wanted to share common logic with different applications within our repo, so we picked yarn symlinks as our approach to tackle this problem. Following are the way in which you can take advantage of the module sharing architecture.
Creation of a Shared Module
- Create a directory inside
shareddirectory with name eg.abc - Inside
package.jsonof module, keep the name like@shared/abc - Add a rollup config to generate
package.jsonafter the module is build
Installation of Shared Modules
- Add an entry for an application inside
shared-dependencies.jsoneg. forclientthere should be an entry"client": [] - Add the name of the shared module in the entry of the application in the above file eg.
"client": ["@shared/abc"] - If the application does not have any postinstall or preinstall scripts for shared modules then add the two commands described below in the application's (eg.
client)package.json:"postinstall": "CURRENT_SCOPE=client node ../shared/install-dependencies.js""preinstall": "CURRENT_SCOPE=client node ../shared/build-shared-dep.js"CURRENT_SCOPE is the environment variable that's being used in the scripts
Verifying the Installed Shared Modules
- Run
yarn run verifyinsideshareddirectory to verify shared dependencies for an application.
Command link-package
yarn install: installs packagesrollup -c: Module bundler bundles the package and creates a buildcd build: Change the present working directorycp -R ../node_modules ./node_modules: copies its own node_modules directory to its build directory to make sure its own version dependencies do not mismatch when its installed in other directories as shared moduleyarn link: Creates a link for the package to make it available for other directories to use.