Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deps: upgrade tslib to 2.4.0, remove @yarn-tool/resolve-package (#326)
- tslib 2.4.0 is forward and backward-compatible with older and newer Node exports mechanisms, so the Node 17 error should no longer be present - it has the older `./` and the newer `./*` in its package exports, which should allow for `package.json` to be read in both older and newer implementations - this allows us to remove the extra dep on `@yarn-tool/resolve-package` as well - other than less unnecessary deps being good, `@yarn-tool/resolve-package` is also a not well-documented package with very few users, which does not make for a good security posture for rpt2 (which has historically prioritized supply chain security in other issues around deps) or, in particular, its consumers, which there are very many of (in contrast with `@yarn-tool`) - per my issue comment, we could also have avoided the extra dep prior to the tslib upgrade by resolving to absolute paths, as Node only does a "weak" encapsulation of relative imports - test: add a small unit test for tslib.ts to ensure that this method works and passes on different Node versions in CI - more a smoke test that it runs at all, the testing is additional and a bit duplicative of the source tbh
- Loading branch information