Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: More lodash deps cleanup #246

Merged
merged 2 commits into from
Dec 2, 2024
Merged

Conversation

adityachoudhari26
Copy link
Contributor

@adityachoudhari26 adityachoudhari26 commented Dec 2, 2024

Summary by CodeRabbit

  • New Features

    • Introduced a catalog-based dependency management approach for several packages, enhancing flexibility in dependency resolution.
  • Bug Fixes

    • Updated dependencies for improved compatibility and management across various projects.
  • Chores

    • Added @types/lodash to the catalog in pnpm-workspace.yaml, expanding type definitions for the lodash library.
    • Updated @types/lodash and other dependencies to use catalog references in multiple package configurations.

Copy link
Contributor

coderabbitai bot commented Dec 2, 2024

Walkthrough

The pull request introduces updates to several package.json files across various projects within the @ctrlplane organization. The primary change involves transitioning the version specifications for certain dependencies, particularly lodash and @types/lodash, from specific versions to catalog references. This shift affects projects such as event-worker, jobs, pty-proxy, and others, indicating a move towards a centralized dependency management approach. Additionally, new catalog references were added for other dependencies like eslint, prettier, tsx, and typescript in some projects.

Changes

File Path Change Summary
apps/event-worker/package.json Updated lodash from ^4.17.21 to catalog:; updated @types/lodash from ^4.17.5 to catalog:.
apps/jobs/package.json Updated @types/lodash from ^4.17.5 to catalog:; added eslint, prettier, tsx, and typescript as catalog:.
apps/pty-proxy/package.json Added @types/lodash as catalog: in devDependencies.
integrations/google-compute-scanner/package.json Updated @types/lodash from ^4.17.5 to catalog:; updated eslint, prettier, and typescript to catalog:.
integrations/kubernetes-job-agent/package.json Updated @types/lodash from ^4.17.5 to catalog:; updated eslint, prettier, and typescript to catalog:.
integrations/terraform-cloud-scanner/package.json Updated @types/lodash from ^4.17.5 to catalog:.
packages/api/package.json Updated @types/lodash from ^4.17.5 to catalog:.
packages/job-dispatch/package.json Updated @types/lodash from ^4.17.5 to catalog:.
pnpm-workspace.yaml Added @types/lodash: ^4.17.5 under the catalog section.
packages/auth/package.json Added @types/lodash as catalog: in devDependencies.

Possibly related PRs

  • fix: Refactor tf scanner to reference resources #245: The changes in apps/jobs/package.json involve updating the @types/lodash dependency to a catalog reference, similar to the changes made in the main PR for apps/event-worker/package.json, which also updated @types/lodash to a catalog reference.

Suggested reviewers

  • jsbroks

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between a695f3f and e9fc1a1.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (1)
  • packages/auth/package.json (1 hunks)
🔇 Additional comments (2)
packages/auth/package.json (2)

49-49: LGTM! Adding type definitions for lodash

The addition of @types/lodash using catalog versioning aligns well with the existing lodash dependency and maintains consistency across the monorepo.


49-49: Verify catalog version compatibility

Ensure that the catalog version of @types/lodash is compatible with the catalog version of lodash.

✅ Verification successful

Based on the shell script results, I can generate the final response as we have sufficient information about the versions. The output shows that across the repository, the catalog versions resolve to:

  • lodash: version 4.17.21
  • @types/lodash: version 4.17.13

These versions are compatible as TypeScript type definitions for lodash 4.17.x are covered by @types/lodash 4.17.x. The minor version difference (21 vs 13) is not a concern as type definitions often lag behind the main package, and the major.minor versions match (4.17).

Catalog versions of lodash and @types/lodash are compatible

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the versions of lodash and @types/lodash in the catalog
# and verify their compatibility

# Look for catalog version definitions
rg -A 1 "lodash.*catalog" 

# Check package-lock.json or yarn.lock for resolved versions
fd -g '*lock*' -x cat {} \; | rg -A 5 "lodash"

Length of output: 11032


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (1)
packages/api/package.json (1)

Inconsistent lodash dependency version found in packages/job-dispatch

Most packages use catalog: for both lodash and @types/lodash, but packages/job-dispatch uses ^4.17.21 for lodash. Additionally, packages/auth is missing @types/lodash, and apps/pty-proxy is missing the runtime lodash dependency.

  • packages/job-dispatch/package.json: Update "lodash": "^4.17.21" to "lodash": "catalog:"
  • packages/auth/package.json: Add "@types/lodash": "catalog:" to devDependencies
  • apps/pty-proxy/package.json: Add "lodash": "catalog:" to dependencies if the package uses lodash runtime functions
🔗 Analysis chain

Line range hint 29-29: Verify lodash dependency consistency across all packages

Let's ensure all packages follow the same pattern for lodash dependencies.

Also applies to: 39-39, 48-48, 54-54

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check consistency of lodash dependencies across all package.json files

echo "Checking lodash dependencies in all package.json files..."
find . -name "package.json" -type f -exec sh -c '
    echo "\nAnalyzing: {}"
    jq -r ". | select(.dependencies.lodash != null or .devDependencies[\"@types/lodash\"] != null) | 
    {
        path: \"$(dirname {})\",
        lodash: .dependencies.lodash,
        types_lodash: .devDependencies[\"@types/lodash\"]
    }" {} \;
' \;

Length of output: 4134

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 67e3817 and a695f3f.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (9)
  • apps/event-worker/package.json (2 hunks)
  • apps/jobs/package.json (1 hunks)
  • apps/pty-proxy/package.json (1 hunks)
  • integrations/google-compute-scanner/package.json (1 hunks)
  • integrations/kubernetes-job-agent/package.json (1 hunks)
  • integrations/terraform-cloud-scanner/package.json (1 hunks)
  • packages/api/package.json (1 hunks)
  • packages/job-dispatch/package.json (1 hunks)
  • pnpm-workspace.yaml (1 hunks)
🔇 Additional comments (8)
pnpm-workspace.yaml (1)

21-21: Consider aligning @types/lodash version with lodash

The catalog defines lodash as ^4.17.21 but @types/lodash is set to ^4.17.5. To ensure type definition compatibility, consider updating @types/lodash to match the major.minor version of lodash.

apps/jobs/package.json (1)

Line range hint 29-33: LGTM! Dependencies properly aligned with workspace catalog

The migration of dependencies to use catalog references is consistent with the workspace configuration and helps centralize version management.

integrations/kubernetes-job-agent/package.json (1)

40-43: LGTM! Consistent dependency management approach

The migration to catalog references maintains consistency with the workspace configuration and other packages in the monorepo.

integrations/google-compute-scanner/package.json (1)

Line range hint 41-45: LGTM! Consistent dependency management approach.

The changes align well with the lodash cleanup initiative. The transition to catalog references for both lodash and @types/lodash maintains proper type safety while centralizing version management.

Let's verify the consistency of lodash-related dependencies across the workspace:

apps/pty-proxy/package.json (1)

38-38: Verify the necessity of @types/lodash dependency.

I notice that @types/lodash is added as a dev dependency, but there's no direct lodash dependency. Let's verify if this type definition is actually needed.

integrations/terraform-cloud-scanner/package.json (1)

41-41: LGTM! Proper dependency structure maintained.

The update to use catalog reference for @types/lodash is consistent with the runtime lodash dependency, maintaining proper typing support while centralizing version management.

apps/event-worker/package.json (1)

29-29: LGTM: Consistent dependency management approach

The changes to both lodash and @types/lodash dependencies align with the catalog-based dependency management strategy. This is consistent with other dependencies in the file and helps centralize version control.

Also applies to: 39-39

packages/api/package.json (1)

54-54: LGTM: Consistent catalog reference usage

The update to @types/lodash maintains consistency with the main lodash dependency, both using catalog references. This alignment ensures proper type safety and version management.

@@ -45,7 +45,7 @@
"@ctrlplane/eslint-config": "workspace:*",
"@ctrlplane/prettier-config": "workspace:*",
"@ctrlplane/tsconfig": "workspace:*",
"@types/lodash": "^4.17.5",
"@types/lodash": "catalog:",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Align lodash runtime dependency with its type definitions

While @types/lodash has been updated to use a catalog reference, the main lodash dependency (line 34) still uses a fixed version ^4.17.21. Consider updating the runtime dependency to also use a catalog reference for consistency.

Apply this change to align with the dependency cleanup initiative:

-    "lodash": "^4.17.21",
+    "lodash": "catalog:",

Committable suggestion skipped: line range outside the PR's diff.

@adityachoudhari26 adityachoudhari26 merged commit 7a156d2 into main Dec 2, 2024
14 checks passed
@adityachoudhari26 adityachoudhari26 deleted the lodash-deps-cleanup branch December 2, 2024 20:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant