fix: add undeclared dependency lodash
#43
Conversation
|
Can we get this merged? This is breaking some of our builds where we rely on "strictness" i.e. all packages requiring their dependencies to be declared. Thanks so much! |
|
@alexiscordova think you can take a look? Thanks! |
|
Yarn v3 ships with this fix builtin, if you're on v2 you can use https://yarnpkg.com/configuration/yarnrc#packageExtensions, and if you're using pnpm you can use https://pnpm.io/package_json#pnpmpackageextensions |
package.json
Outdated
| @@ -19,7 +19,8 @@ | |||
| "lint": "standard" | |||
| }, | |||
| "dependencies": { | |||
| "invariant": "2.2.4" | |||
| "invariant": "2.2.4", | |||
| "lodash": "^4.17.21" | |||
There was a problem hiding this comment.
If you can remove the ^ character, this should be good to go
There was a problem hiding this comment.
I don't get why you want that but sure
There was a problem hiding this comment.
Internally we use specific version numbers for security purposes. It's something we're hoping to change in the future once we can convince the right teams, but for the time being this is the approach we have to take. Thanks for making this change!
|
Are we going to be able to get this merged now? This and the other one salesforce-ux/query-ast#25 too. Thanks! |
|
@alexiscordova - can you follow-up on this? |
|
@iclanton I don't work for Salesforce anymore, but @Dottenpixel might be able to help |
|
Thanks for your contribution @merceyz! We'll look to publish a new NPM package version asap. |
|
No rush on my end, Yarn has been shipping this fix for a while. |
What's the problem this PR addresses?
scss-parserdepends onlodashbut doesn't declare it as a dependencyHow did you fix it?
Added
lodashas a dependency