Commits on May 14, 2022

1. deps: upgrade tslib to 2.4.0, remove @yarn-tool/resolve-package …

   - tslib 2.4.0 is forward and backward-compatible with older and newer
     Node exports mechanisms, so the Node 17 error should no longer be
     present
     - it has the older `./` and the newer `./*` in its package exports,
       which should allow for `package.json` to be read in both older and
       newer implementations
   
   - this allows us to remove the extra dep on `@yarn-tool/resolve-package`
     as well
     - other than less unnecessary deps being good,
       `@yarn-tool/resolve-package` is also a not well-documented package
       with very few users, which does not make for a good security posture
       for rpt2 (which has historically prioritized supply chain security
       in other issues around deps) or, in particular, its consumers, which
       there are very many of (in contrast with `@yarn-tool`)
     - per my issue comment, we could also have avoided the extra dep prior
       to the tslib upgrade by resolving to absolute paths, as Node only
       does a "weak" encapsulation of relative imports
   
   - test: add a small unit test for tslib.ts to ensure that this method
     works and passes on different Node versions in CI
     - more a smoke test that it runs at all, the testing is additional
       and a bit duplicative of the source tbh

   

   agilgur5 committed May 14, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for 189aaa5
   • Browse repository at this point

   Copy the full SHA

   189aaa5 View commit details

   Browse the repository at this point in the history