Update package-lock to try to unstick dependabot #5184
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The basics
The details
Resolves
All of the dependabot changes have been stuck for a few days with cryptic errors. The internet suggests deleting and regenerating the package lock, which actually upgrades the dependency versions. I've done that here to see if it can kick dependabot back into working.
I kept eslint the same version so we'd have a test case for a dependabot version. But the mocha and generator tests also failed to run for me locally so I also kept webdriverio the same version.
So the versions changed are all the other ones in this list that are NOT major bumps: https://github.com/google/blockly/pulls?q=is%3Apr+is%3Aopen+label%3Adependencies
@blockly/dev-tools, trim-newlines, etc
Test Coverage
Tested with
npm run build
npm run start
npm run test
Tests intermittently fail with php generator errors, this seems unrelated.
Also, I made eslint stay on the old version instead of updating. That way we could try rebasing this PR and see if it works: #5116
Additional Information
I think this started happening after #5038 so if this doesn't work we may need further investigation there.