Lock beta js dependencies to a specific version
What does this MR do?
When we depend on a beta version of a npm dependency, we should lock it to a specific version to avoid unintended side effects from upgrades. There is no guarantee that a beta version change will be safe from breaking changes.
This change locks vue/test-utils
and vue-jest
to specific beta versions. The current versions match the 'resolved' field of those dependencies in the yarn.lock
file.
After this change, it should (in theory) be safe to refresh all our yarn dependencies.
Backstory
As part of updating a dependency !38536 (merged), the yarn.lock
file was regenerated from the package.json. Normally this would be relatively safe, but in this case it caused a build failure.
This line in the build output indicates a possible cause of the failure:
warning " > vue-jest@4.0.0-beta.5" has incorrect peer dependency "jest@^25.x".
Screenshots
Does this MR meet the acceptance criteria?
Conformity
- [n/a] Changelog entry
- [n/a] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines - [n/a] Style guides
- [n/a] Database guides
- [n/a] Separation of EE specific content
Availability and Testing
- [n/a] Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [n/a] Tested in all supported browsers
- [n/a] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [n/a] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [n/a] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [n/a] Security reports checked/validated by a reviewer from the AppSec team