Update npm dependencies #2098
Update npm dependencies #2098
Conversation
@mui/* would need to release a react 18.x update. TypeScript dependencies have been bumped, but not the actual React version. react-script still triggers high npm audit vulnerability warnings. react-script is also all but unmaintained. Migration to Vite seems to be popular, but idk
| "start": "react-scripts --openssl-legacy-provider start", | ||
| "build": "react-scripts --openssl-legacy-provider build", | ||
| "test": "react-scripts --openssl-legacy-provider test", | ||
| "eject": "react-scripts --openssl-legacy-provider eject" |
There was a problem hiding this comment.
Why do we need this? (Didn't do the research myself :-))
There was a problem hiding this comment.
Node v17+ also wouldn't allow react-scripts build etc. and an apparent fix is to disable the security check:
https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported
Without this, it just crashes.
Alternative: downgrade Node.
There was a problem hiding this comment.
I think v17 doesn't bring us further. The LTS for v16 just has come to an end, the recommended version ist now v20. Have you tried this? Or at least the previous LTS v18?
This is independenz from the flag you have added here. I would have to double down on it in order to find a resolution.
There was a problem hiding this comment.
I just noticed that you are not actually changing the Node version with your commit. My comment remains valid though it's irrelevant for the PR :-)
There was a problem hiding this comment.
I've used node v21.1 for the process. That's the default that was installed, btw, when grabbing future3/develop (or my branch) and building from scratch.
Can bump node to 20, too, if you like.
(I'm not even sure how far back it's technically possible to go, maybe on old hardware or OS's.)
|
@pabera Of course on another fresh install, things don't go as smooth today! So no need to test anything on your end just yet. I'll play around with this until it's fixed a.t.m. |
|
No worries. |
|
The error was a fluke -- a user problem :) I didn't notice that the |
|
I had a look at this PR. There are a few major version updates which can be risky. Specifically i18next v23 is a breaking version update and we can't guarantee that everything works smoothly. If you don't mind, I would like to stick to the same major versions for now and only update minor versions. I have a new branch/PR open where I am updating dependencies for all aspects (node 20, python venv, bookworm) |
* add --break-system-packages option to pip3 install as required for bookworm, see #2050 (comment) * install libasound2-dev to fix installation of pyalsaaudio via pip3 * install NodeJS and npm via official recommendation see https://github.com/nodesource/distributions * configure break-system-packages option globally see discussion in #2100 (review) * allow nginx (and others) to access /home/pi
|
Alright, thanks for looking into this! |
Addresses all low hanging fruit for #2095, bumping versions that work well together.
I ran a couple of clean
npm installand alsonpm updateandnpm auditchanges.Node v17+ also wouldn't allow
react-scripts buildetc. and an apparent fix is to disable the security check:https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported
I did that in the package scripts section, too. Thing is:
react-scriptsprobably need to go anyway because there's effectively no maintenance and dependency updates have been unaddressed for years. react.dev recomment Vite nowadays instead of "Create React App", so supposedly, Vite is going to be the future? https://cathalmacdonnacha.com/migrating-from-create-react-app-cra-to-vite -- but that's not for today :)Oh,
npm run buildandnpm run startwork fine 👍