-
Notifications
You must be signed in to change notification settings - Fork 197
/
Copy pathpackage.json
157 lines (157 loc) · 7.51 KB
/
package.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
{
"name": "teams-js-monorepo",
"private": true,
"author": "Microsoft Teams",
"engines": {
"pnpm": ">=9.0.6",
"node": ">=18.0.0"
},
"scripts": {
"build": "lerna run build --stream",
"build-force-blazor": "pnpm build && pnpm build-blazor-app",
"build:clean": "pnpm clean && pnpm build",
"bundleAnalyze": "pnpm --filter @microsoft/bundle-analysis-app webpack:profile",
"bundleAnalyze:collect": "pnpm bundleAnalyze && node tools/cli/collectBundleAnalysis.js --folderName bundleAnalysis",
"build-blazor-app": "pnpm --filter blazor-test-app blazor-build",
"build-test-app-CDN": "pnpm --filter teams-test-app build:CDN",
"build-test-app-local": "pnpm --filter teams-test-app build:local",
"changefile": "pnpm beachball --no-commit",
"clean": "lerna run clean --stream",
"clean:full": "pnpm clean && pnpm clean:modules",
"clean:modules": "lerna clean -y && rimraf node_modules",
"docs": "pnpm --filter @microsoft/teams-js docs",
"docs:validate": "pnpm --filter @microsoft/teams-js docs:validate",
"lint": "lerna run lint",
"start-blazor-app": "pnpm --filter blazor-test-app start",
"start-perf-app": "pnpm --filter teams-perf-test-app start",
"start-ssr-app": "pnpm --filter ssr-test-app start",
"start-test-app": "pnpm --filter teams-test-app start",
"start-test-app-CDN": "pnpm --filter teams-test-app start:CDN",
"start-test-app-local": "pnpm --filter teams-test-app start:local",
"test": "lerna run test --stream",
"validate-test-schema": "ts-node tools/validateTestSchema.ts"
},
"devDependencies": {
"@babel/core": "^7.24.4",
"@babel/plugin-transform-runtime": "^7.24.3",
"@babel/preset-env": "^7.24.4",
"@babel/preset-react": "^7.24.1",
"@babel/preset-typescript": "^7.24.1",
"@babel/runtime": "^7.24.4",
"@microsoft/eslint-plugin-sdl": "^0.2.2",
"@mixer/webpack-bundle-compare": "^0.1.1",
"@next/eslint-plugin-next": "^14.2.4",
"@octokit/core": "^3.6.0",
"@rollup/plugin-commonjs": "^26.0.1",
"@rollup/plugin-json": "^6.1.0",
"@rollup/plugin-node-resolve": "^15.2.3",
"@rollup/plugin-replace": "5.0.7",
"@rollup/plugin-terser": "0.4.4",
"@rollup/plugin-typescript": "^11.1.6",
"@types/fs-extra": "^9.0.13",
"@types/jest": "^27.5.2",
"@types/jscodeshift": "^0.11.11",
"@types/msgpack-lite": "^0.1.11",
"@types/node": "^16.18.96",
"@types/pako": "^1.0.7",
"@types/react": "^17.0.80",
"@types/react-dom": "^17.0.25",
"@types/webpack": "^4.41.40",
"@typescript-eslint/eslint-plugin": "^7.13.1",
"@typescript-eslint/parser": "^7.13.1",
"ajv": "^8.12.0",
"babel-loader": "^9.2.1",
"beachball": "^2.43.0",
"copy-webpack-plugin": "12.0.2",
"cross-env": "^7.0.3",
"css-loader": "^7.1.2",
"eslint": "^8.57.0",
"eslint-config-prettier": "^9.1.0",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-only-error": "^1.0.2",
"eslint-plugin-prettier": "^5.1.3",
"eslint-plugin-react": "^7.34.3",
"eslint-plugin-react-hooks": "^4.6.2",
"eslint-plugin-security": "^3.0.1",
"eslint-plugin-simple-import-sort": "^12.1.0",
"eslint-plugin-strict-null-checks": "^0.1.2",
"filemanager-webpack-plugin": "^8.0.0",
"fs-extra": "^9.1.0",
"html-webpack-plugin": "^5.6.3",
"jest": "^29.7.0",
"jest-environment-jsdom": "^29.7.0",
"jest-junit": "^15.0.0",
"jsdom": "^24.1.0",
"lerna": "^8.1.9",
"merge2": "1.0.2",
"path": "^0.12.7",
"prettier": "^3.3.2",
"rimraf": "^5.0.7",
"rollup": "^4.24.4",
"rollup-plugin-dts": "^6.1.1",
"rollup-plugin-node-polyfills": "^0.2.1",
"shx": "^0.3.4",
"style-loader": "^4.0.0",
"ts-jest": "^29.1.2",
"ts-loader": "^9.5.1",
"ts-node": "^10.9.2",
"tslib": "^2.3.1",
"typedoc": "^0.24.8",
"typescript": "^4.9.5",
"webpack": "^5.97.1",
"webpack-assets-manifest": "^5.2.1",
"webpack-bundle-analyzer": "^4.10.2",
"webpack-cli": "^6.0.1",
"webpack-dev-server": "^5.2.0",
"webpack-merge": "^6.0.1",
"webpack-subresource-integrity": "^5.2.0-rc.1",
"yargs": "^17.7.2"
},
"pnpm": {
"overrides": {
"@azure/identity": ">=4.2.1",
"cookie": ">=0.7.0",
"cross-spawn": ">=7.0.5",
"dns-packet": "^1.3.2",
"express": "^4.21.0",
"follow-redirects": "^1.15.6",
"glob-parent": "^5.1.2",
"http-proxy-middleware": ">=2.0.7",
"jsdom": "^24.0.0",
"ip": ">=2.0.1",
"lodash": "^4.17.21",
"merge": "^2.1.1",
"micromatch": ">=4.0.8",
"minimist": "^0.2.4",
"nanoid": ">=3.3.8",
"nth-check": ">=2.0.1",
"postcss": "^8.4.31",
"semver": "^7.5.2",
"serialize-javascript": "^3.1.0",
"set-value": "^2.0.1",
"socks": "^2.7.3",
"string_decoder": "^1.3.0",
"tar": ">=6.2.1",
"tough-cookie": "^4.1.3",
"underscore": "1.12.1",
"url-parse": "^1.5.0",
"word-wrap": "^1.2.4",
"y18n": "^4.0.1"
},
"overrides-explanation": {
"WHAT IS THIS SECTION": "pnpm ignores this section and comments aren't allowed in JSON files. This section documents why the above overrides have been put in place. If you add an override, describe it in this section.",
"cookie": "There is a vulnerability with cookie versions less than 0.7.0. This package is currently being consumed in @types/webpack and needs to be updated there. For now we will override this until that is fixed.",
"cross-spawn": "There is a vulnerability with cross-spawn versions less than 7.0.5 This package is currently being consumed in @types/webpack and needs to be updated there. For now we will override this until that is fixed.",
"express": "There is a vulnerability in older versions of the express package that is consumed by webpack-dev-server, this has been patched in a later version of express that webpack-dev-server has not updated yet. Once they update this package, we can remove this override",
"follow-redirects": "There is a vulnerability in the follow-redirects package, and a fix has been provided. However, we consume the follow-redirects package via webpack-dev-server, Lerna, and wait-on, eventually. We are using this newer version of follow-redirects to avoid the vulnerability. If webpack-dev-server, Lerna, and wait-on packages are ever updated to a version of follow-redirects that fixes the vulnerability, we can remove this override and update the three packages accordingly.",
"micromatch": "There is a vulnerability with micromatch versions less than 4.0.8 This package is currently being consumed in @types/webpack and needs to be updated there. For now we will override this until that is fixed.",
"nanoid": "There is a vulnerability with nanoid versions less than 3.3.8 This package is currently being consumed in @types/webpack and needs to be updated there. For now we will override this until that is fixed.",
"socks": "There is a vulnerability in the ip package which has no fix. We consume ip via socks (eventually via lerna). Socks released a new version that removed the ip dependency. We are using this newer version of socks to avoid the vulnerability. If ip is ever updated or lerna (or any package in the chain) eventually updates to a version of socks that doesn't depend on ip, we can remove this override",
"tar": "There is a vulnerability in the tar package which is being used by lerna that hasn't yet been updated. Once this is patched in lerna we can remove this override"
}
},
"dependencies": {
"skeleton-buffer": "file:./skeleton-buffer",
"uuid": "^9.0.1"
}
}