[#42945] - [5.1] Updates the dependencies
- Fixed in Code Base
- 4 Mar 2024
- Medium
- Build: 5.1-dev
- # 42945
- Diff
- Digital-Peak:deps
- Pending continuous-integration/drone/pr Build is pending Details
User tests: Successful: Unsuccessful:
Updates the dependencies without major versions. Removed the strict vue version.
The data collector had a variable which needs to be public, otherwise you will get a compilation error.
Did run the following commands:
- composer update
- composer bump
- composer update
- npm update --save
- npm run update
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | External Library Composer Change NPM Change Front End Plugins |
Hmm, when checking for deleted files and folders with this PR, I get a lot from web-token. Here the output of my tool:
Comparing from "./tmp/update_deleted_files/previous-package/Joomla_4.4.4-dev-Development-Full_Package.zip"
to "./tmp/packages/Joomla_5.1.0-beta1-dev-Development-Full_Package.zip".
Comparing from "./tmp/update_deleted_files/packages/Joomla_5.1.0-alpha4-Alpha-Full_Package.zip"
to "./tmp/packages/Joomla_5.1.0-beta1-dev-Development-Full_Package.zip".
The following rows have to be added to the deleted files list:
'/libraries/vendor/web-token/jwt-core/Algorithm.php',
'/libraries/vendor/web-token/jwt-core/AlgorithmManager.php',
'/libraries/vendor/web-token/jwt-core/AlgorithmManagerFactory.php',
'/libraries/vendor/web-token/jwt-core/JWK.php',
'/libraries/vendor/web-token/jwt-core/JWKSet.php',
'/libraries/vendor/web-token/jwt-core/JWT.php',
'/libraries/vendor/web-token/jwt-core/LICENSE',
'/libraries/vendor/web-token/jwt-core/Util/BigInteger.php',
'/libraries/vendor/web-token/jwt-core/Util/ECKey.php',
'/libraries/vendor/web-token/jwt-core/Util/ECSignature.php',
'/libraries/vendor/web-token/jwt-core/Util/Hash.php',
'/libraries/vendor/web-token/jwt-core/Util/JsonConverter.php',
'/libraries/vendor/web-token/jwt-core/Util/KeyChecker.php',
'/libraries/vendor/web-token/jwt-core/Util/RSAKey.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-eddsa/EdDSA.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-experimental/Blake2b.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-experimental/ES256K.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-experimental/HS1.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-experimental/HS256_64.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-experimental/RS1.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-hmac/HS256.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-hmac/HS384.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-hmac/HS512.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-none/None.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/PS256.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/PS384.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/PS512.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/RS256.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/RS384.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/RS512.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/RSAPKCS1.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/RSAPSS.php',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/Util/RSA.php',
'/libraries/vendor/web-token/jwt-signature/Algorithm/MacAlgorithm.php',
'/libraries/vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php',
'/libraries/vendor/web-token/jwt-signature/JWS.php',
'/libraries/vendor/web-token/jwt-signature/JWSBuilder.php',
'/libraries/vendor/web-token/jwt-signature/JWSBuilderFactory.php',
'/libraries/vendor/web-token/jwt-signature/JWSLoader.php',
'/libraries/vendor/web-token/jwt-signature/JWSLoaderFactory.php',
'/libraries/vendor/web-token/jwt-signature/JWSTokenSupport.php',
'/libraries/vendor/web-token/jwt-signature/JWSVerifier.php',
'/libraries/vendor/web-token/jwt-signature/JWSVerifierFactory.php',
'/libraries/vendor/web-token/jwt-signature/LICENSE',
'/libraries/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php',
'/libraries/vendor/web-token/jwt-signature/Serializer/Serializer.php',
'/libraries/vendor/web-token/jwt-signature/Signature.php',
The following rows have to be added to the deleted folders list:
'/libraries/vendor/web-token/jwt-signature/Serializer',
'/libraries/vendor/web-token/jwt-signature/Algorithm',
'/libraries/vendor/web-token/jwt-signature-algorithm-rsa/Util',
'/libraries/vendor/web-token/jwt-signature',
'/libraries/vendor/web-token/jwt-core/Util',
'/libraries/vendor/web-token/jwt-core',
It seems they have restructured their folders somehow.
And when checking what remains in folders names like "jwt-signature-algorithm-something", I just see developer stuff which we should not ship with our installations, or should we? Each of these folders contains a LICENSE and a README.md file, a ".github" folder and a "composer.json" file.
So maybe we should delete that stuff in the "build/build.php" from the package folder like we do it with other developer-only stuff, and if we do that, the list of deleted files and folders would be even longer.
On a deeper look it seems we got an experimental version of that web-token stuff. In the composer.lock it resolves to https://api.github.com/repos/web-token/jwt-experimental/zipball/, while without this PR it resolves to https://api.github.com/repos/web-token/jwt-core/zipball/. ANd that'S the reason for the change of the folder structure and so the many files to be deleted.
Maybe we can update to a stable version instead of experimental?
Or maybe that "experimental" is only a naming thing. For me this PR here is ok, just the release managers should not forget that I have to make one for the deleted files and folders after this got merged.
| Labels |
Added:
Composer Dependency Changed
NPM Resource Changed
PR-5.1-dev
|
||
LadySolveig
- | Status | Pending | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2024-03-04 12:51:38 |
| Closed_By | ⇒ | LadySolveig |
I had done a seperate update PR for tinymce to raise awareness as there were a lot of changes - but i can close it