Skip to content
This repository has been archived by the owner on Feb 6, 2023. It is now read-only.

Commit

Permalink
Removes unused gulp-browserify-thin (#2032)
Browse files Browse the repository at this point in the history
Summary:
**Summary**

Removes unused dev dependency on `gulp-browserify-thin`. Addresses a security vulnerability that affects `minimatch@2.0.10` indirectly required through this module.

```
→ yarn why minimatch
Using globally installed version of Yarn
yarn why v1.12.1
[1/4] �  Why do we have the module "minimatch"...?
[2/4] 🚚  Initialising dependency graph...
[3/4] 🔍  Finding dependency...
[4/4] 🚡  Calculating file sizes...
=> Found "minimatch@3.0.4"
info Has been hoisted to "minimatch"
info Reasons this module exists
   - Hoisted from "eslint#minimatch"
   - Hoisted from "glob#minimatch"
   - Hoisted from "gulp-if#gulp-match#minimatch"
   - Hoisted from "jest#jest-cli#istanbul-api#minimatch"
   - Hoisted from "gulp-concat-css#rework-import#globby#glob#minimatch"
   - Hoisted from "envify#jstransform#commoner#glob#minimatch"
   - Hoisted from "jest#jest-cli#istanbul-api#fileset#minimatch"
   - Hoisted from "jest#jest-cli#jest-runtime#babel-plugin-istanbul#test-exclude#minimatch"
   - Hoisted from "gulp#glob-watcher#chokidar#fsevents#node-pre-gyp#npm-packlist#ignore-walk#minimatch"
info Disk size without dependencies: "44KB"
info Disk size with unique dependencies: "64KB"
info Disk size with transitive dependencies: "120KB"
info Number of shared dependencies: 1
=> Found "browserify#minimatch@2.0.10"
info Reasons this module exists
   - "gulp-browserify-thin#browserify#glob" depends on it
   - Hoisted from "gulp-browserify-thin#browserify#glob#minimatch"
info Disk size without dependencies: "76KB"
info Disk size with unique dependencies: "96KB"
info Disk size with transitive dependencies: "152KB"
info Number of shared dependencies: 1
✨  Done in 0.96s.
```

**Test Plan**

Check if `gulp-browserify-thin` is required anywhere, it is not.
Pull Request resolved: #2032

Reviewed By: mrkev

Differential Revision: D14388097

Pulled By: mrkev

fbshipit-source-id: 6b9b46ec8129d7899805021fbd6d6d1f8b9e443b
  • Loading branch information
Claudio Procida authored and facebook-github-bot committed Mar 8, 2019
1 parent 68196f6 commit fc3549a
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 674 deletions.
2 changes: 1 addition & 1 deletion meta/bundle-size-stats/Draft.js.json

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion meta/bundle-size-stats/Draft.min.js.json

Large diffs are not rendered by default.

1 change: 0 additions & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,6 @@
"flow-bin": "^0.92.0",
"gulp": "^4.0.0",
"gulp-babel": "^8.0.0",
"gulp-browserify-thin": "^0.1.5",
"gulp-clean-css": "^2.0.3",
"gulp-concat-css": "^2.2.0",
"gulp-derequire": "^2.1.0",
Expand Down
Loading

0 comments on commit fc3549a

Please sign in to comment.