Yarn.lock: how it works and what you risk without maintaining yarn dependencies — deep dive

This page summarizes the projects mentioned and recommended in the original post on dev.to

  • elements

    Build beautiful, interactive API Docs with embeddable React or Web Components, powered by OpenAPI and Markdown. (by stoplightio)

  • An issue emerged in our library integration that made us challenge our belief that our dependencies are under control. In short, our app crashed because of a bug in a dependency’s dependency. Despite fixing the nested dependency, the issue remained unsolved.

  • json-schema-viewer

    A JSON Schema viewer React component (by stoplightio)

  • json-schema-tree

  • JSV was using a dependency called JST (JSON Schema Tree), which is effectively a sub-dependency of Elements, with a non-pinned (non-specified) version (^1.1.0) listed in its package.json.

  • dependabot-core

    🤖 Dependabot's core logic for creating update PRs.

  • Unfortunately, it misses (at least at the time of writing this article) the ability to have duplicate updates for different allow types. That means you can't have e.g. daily updates for dependencies and weekly updates for devDependencies in the same project. In our case, it was about not being able to daily update to versions that include security-related changes and all of the other changes (features, fixes, major updates) on a weekly basis using the same tool.

  • renovate

    Universal dependency automation tool.

  • After figuring out that Dependabot does not allow us to do the above, we've decided to look for alternatives. One of the most promising ones (and open-source!) was Renovate.

  • storybook

    Storybook is a frontend workshop for building UI components and pages in isolation. Made for UI development, testing, and documentation.

  • An integration of Elements in Storybook (a tool for building and testing UI components) was broken because of a bug present in the Elements dependency, JSV (JSON Schema Viewer).
