From a80cc2971b43291bddbbdf5558d994724ab11215 Mon Sep 17 00:00:00 2001 From: Ethan Bell Date: Fri, 6 May 2022 14:22:12 -0700 Subject: [PATCH] Pin swagger-client dependency to exact version On at least 3 occasions, including this morning, updates to swagger-client have caused versions of swagger-ui to stop working. This morning, [changes to swagger-client's usage of `btoa`](https://github.com/swagger-api/swagger-js/commit/4832f3249df3415b168fcd3ac45eb1a463c038b8) were [released](https://github.com/swagger-api/swagger-js/commits/v3.18.5). Our build, depending on swagger-ui-react 4.1.0, failed with errors about the absence of the btoa module. We traced these errors to swagger-ui's bundled `swagger-ui.js`, which included some code from an older swagger-client version that expected `btoa` to still be present. Previous [issues include](https://github.com/swagger-api/swagger-ui/issues/7436) the removal of [isomorphic-form-data](https://github.com/swagger-api/swagger-js/pull/2154) around swagger-ui release 3.51.2, and the removal of [querystring-browser](https://github.com/swagger-api/swagger-js/pull/2288) around swagger-ui [release 3.52.5](https://github.com/swagger-api/swagger-ui/issues/7556) By pinning the swagger-client dependency to an exact version, issues with transitive dependencies should be mitigated. Of course, other dependencies may still pose similar problems, but swagger-client has been the recurring theme so far. --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 349f1c87dda..873177d144c 100644 --- a/package.json +++ b/package.json @@ -91,7 +91,7 @@ "reselect": "^4.1.5", "serialize-error": "^8.1.0", "sha.js": "^2.4.11", - "swagger-client": "^3.18.4", + "swagger-client": "=3.18.4", "url-parse": "^1.5.8", "xml": "=1.0.1", "xml-but-prettier": "^1.0.1",