-
Notifications
You must be signed in to change notification settings - Fork 199
/
package.json
150 lines (150 loc) · 7.21 KB
/
package.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
{
"name": "teams-js-monorepo",
"private": true,
"author": "Microsoft Teams",
"engines": {
"pnpm": ">=9.0.6",
"node": ">=18.0.0"
},
"scripts": {
"build": "lerna run build --stream",
"build-force-blazor": "pnpm build && pnpm build-blazor-app",
"build:clean": "pnpm clean && pnpm build",
"bundleAnalyze": "pnpm --filter @microsoft/bundle-analysis-app webpack:profile",
"bundleAnalyze:collect": "pnpm bundleAnalyze && node tools/cli/collectBundleAnalysis.js --folderName bundleAnalysis",
"build-blazor-app": "pnpm --filter blazor-test-app blazor-build",
"build-test-app-CDN": "pnpm --filter teams-test-app build:CDN",
"build-test-app-local": "pnpm --filter teams-test-app build:local",
"changefile": "pnpm beachball --no-commit",
"clean": "lerna run clean --stream",
"clean:full": "pnpm clean && pnpm clean:modules",
"clean:modules": "lerna clean -y && rimraf node_modules",
"docs": "pnpm --filter @microsoft/teams-js docs",
"docs:validate": "pnpm --filter @microsoft/teams-js docs:validate",
"lint": "lerna run lint",
"start-blazor-app": "pnpm --filter blazor-test-app start",
"start-perf-app": "pnpm --filter teams-perf-test-app start",
"start-ssr-app": "pnpm --filter ssr-test-app start",
"start-test-app": "pnpm --filter teams-test-app start",
"start-test-app-CDN": "pnpm --filter teams-test-app start:CDN",
"start-test-app-local": "pnpm --filter teams-test-app start:local",
"test": "lerna run test --stream"
},
"devDependencies": {
"@babel/core": "^7.24.4",
"@babel/plugin-transform-runtime": "^7.24.3",
"@babel/preset-env": "^7.24.4",
"@babel/preset-react": "^7.24.1",
"@babel/preset-typescript": "^7.24.1",
"@babel/runtime": "^7.24.4",
"@microsoft/eslint-plugin-sdl": "^0.2.2",
"@mixer/webpack-bundle-compare": "^0.1.1",
"@next/eslint-plugin-next": "^14.2.4",
"@octokit/core": "^3.6.0",
"@rollup/plugin-commonjs": "^26.0.1",
"@rollup/plugin-json": "^6.1.0",
"@rollup/plugin-node-resolve": "^15.2.3",
"@rollup/plugin-replace": "5.0.7",
"@rollup/plugin-terser": "0.4.4",
"@rollup/plugin-typescript": "^11.1.6",
"@types/fs-extra": "^9.0.13",
"@types/jest": "^27.5.2",
"@types/jscodeshift": "^0.11.11",
"@types/msgpack-lite": "^0.1.11",
"@types/node": "^16.18.96",
"@types/pako": "^1.0.7",
"@types/react": "^17.0.80",
"@types/react-dom": "^17.0.25",
"@types/webpack": "^4.41.40",
"@typescript-eslint/eslint-plugin": "^7.13.1",
"@typescript-eslint/parser": "^7.13.1",
"babel-loader": "^9.2.1",
"beachball": "^2.43.0",
"copy-webpack-plugin": "12.0.2",
"cross-env": "^7.0.3",
"css-loader": "^6.11.0",
"eslint": "^8.57.0",
"eslint-config-prettier": "^9.1.0",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-only-error": "^1.0.2",
"eslint-plugin-prettier": "^5.1.3",
"eslint-plugin-react": "^7.34.3",
"eslint-plugin-react-hooks": "^4.6.2",
"eslint-plugin-security": "^3.0.1",
"eslint-plugin-simple-import-sort": "^12.1.0",
"eslint-plugin-strict-null-checks": "^0.1.2",
"filemanager-webpack-plugin": "^8.0.0",
"fs-extra": "^9.1.0",
"html-webpack-plugin": "^5.6.3",
"jest": "^29.7.0",
"jest-environment-jsdom": "^29.7.0",
"jest-junit": "^15.0.0",
"jsdom": "^24.1.0",
"lerna": "^8.1.5",
"merge2": "1.0.2",
"path": "^0.12.7",
"prettier": "^3.3.2",
"rimraf": "^5.0.7",
"rollup": "^4.24.4",
"rollup-plugin-polyfill-node": "^0.13.0",
"shx": "^0.3.4",
"style-loader": "^3.3.4",
"ts-jest": "^29.1.2",
"ts-loader": "^9.5.1",
"ts-node": "^10.9.2",
"tslib": "^2.3.1",
"typedoc": "^0.24.8",
"typescript": "^4.9.5",
"webpack": "^5.96.1",
"webpack-assets-manifest": "^5.2.1",
"webpack-bundle-analyzer": "^4.10.2",
"webpack-cli": "^5.1.4",
"webpack-dev-server": "^5.1.0",
"webpack-merge": "^6.0.1",
"webpack-subresource-integrity": "^5.1.0",
"yargs": "^17.7.2"
},
"pnpm": {
"overrides": {
"@azure/identity": ">=4.2.1",
"cookie": ">=0.7.0",
"dns-packet": "^1.3.2",
"express": "^4.21.0",
"follow-redirects": "^1.15.6",
"glob-parent": "^5.1.2",
"http-proxy-middleware": ">=2.0.7",
"jsdom": "^24.0.0",
"ip": ">=2.0.1",
"lodash": "^4.17.21",
"merge": "^2.1.1",
"micromatch": ">=4.0.8",
"minimist": "^0.2.4",
"nth-check": ">=2.0.1",
"postcss": "^8.4.31",
"semver": "^7.5.2",
"serialize-javascript": "^3.1.0",
"set-value": "^2.0.1",
"socks": "^2.7.3",
"string_decoder": "^1.3.0",
"tar": ">=6.2.1",
"tough-cookie": "^4.1.3",
"underscore": "1.12.1",
"url-parse": "^1.5.0",
"word-wrap": "^1.2.4",
"y18n": "^4.0.1"
},
"overrides-explanation": {
"WHAT IS THIS SECTION": "pnpm ignores this section and comments aren't allowed in JSON files. This section documents why the above overrides have been put in place. If you add an override, describe it in this section.",
"cookie": "There is a vulnerability in older versions of the express package that is consumed by webpack, this has been patched in a later version of cookie that webpack has not updated yet. Once they update this package, we can remove this override",
"express": "There is a vulnerability in older versions of the express package that is consumed by webpack-dev-server, this has been patched in a later version of express that webpack-dev-server has not updated yet. Once they update this package, we can remove this override",
"follow-redirects": "There is a vulnerability in the follow-redirects package, and a fix has been provided. However, we consume the follow-redirects package via webpack-dev-server, Lerna, and wait-on, eventually. We are using this newer version of follow-redirects to avoid the vulnerability. If webpack-dev-server, Lerna, and wait-on packages are ever updated to a version of follow-redirects that fixes the vulnerability, we can remove this override and update the three packages accordingly.",
"http-proxy-middleware": "There is a vulnerability in older versions of the express package that is consumed by webpack-dev-server, this has been patched in a later version of http-proxy-middleware that webpack-dev-server has not updated yet. Once they update this package, we can remove this override",
"micromatch": "There is a vulnerability in older versions of the express package that is consumed by webpack, this has been patched in a later version of micromatch that webpack has not updated yet. Once they update this package, we can remove this override",
"socks": "There is a vulnerability in the ip package which has no fix. We consume ip via socks (eventually via lerna). Socks released a new version that removed the ip dependency. We are using this newer version of socks to avoid the vulnerability. If ip is ever updated or lerna (or any package in the chain) eventually updates to a version of socks that doesn't depend on ip, we can remove this override",
"tar": "There is a vulnerability in the tar package which is being used by lerna that hasn't yet been updated. Once this is patched in lerna we can remove this override"
}
},
"dependencies": {
"uuid": "^9.0.1"
}
}