-
Notifications
You must be signed in to change notification settings - Fork 0
Revert "Replace npm
with pnpm
(#136)"
#144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
…due to support with overrides at this time) This reverts commit 775917a.
Caution Review failedThe pull request is closed. WalkthroughThe pull request introduces a comprehensive shift from Changes
Possibly related PRs
Suggested Reviewers
Poem
Tip CodeRabbit's docstrings feature is now available as part of our Early Access Program! Simply use the command 📜 Recent review detailsConfiguration used: CodeRabbit UI ⛔ Files ignored due to path filters (2)
📒 Files selected for processing (5)
🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
npm
with pnpm
(#136)" (unable to make Snyk happy due to support with overrides at this time)npm
with pnpm
(#136)"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😢 sad to see snyk ui not supporting pnpm yet, but hopefully one day 🤞
## Summary Reverting back to `npm` due to Snyk UI not supporting `pnpm.overrides` in `package.json` (best source appears to be this [comment](snyk/nodejs-lockfile-parser#111 (comment))). Sounds like the CLI might support it at this time, which means the Snyk [github action](https://github.com/snyk/actions/tree/master/node) might work, but not worth exploring further at this time. Also not sure if Vanta requires Snyk UI for compliance. ## Checklist - [ ] Added Unit Tests - [ ] Covered by existing CI - [ ] Integration tested - [ ] Documentation update <!-- av pr metadata This information is embedded by the av CLI when creating PRs to track the status of stacks when using Aviator. Please do not delete or edit this section of the PR. ``` {"parent":"main","parentHead":"","trunk":"main"} ``` --> Co-authored-by: Sean Lynch <[email protected]>
## Summary Reverting back to `npm` due to Snyk UI not supporting `pnpm.overrides` in `package.json` (best source appears to be this [comment](snyk/nodejs-lockfile-parser#111 (comment))). Sounds like the CLI might support it at this time, which means the Snyk [github action](https://github.com/snyk/actions/tree/master/node) might work, but not worth exploring further at this time. Also not sure if Vanta requires Snyk UI for compliance. ## Checklist - [ ] Added Unit Tests - [ ] Covered by existing CI - [ ] Integration tested - [ ] Documentation update <!-- av pr metadata This information is embedded by the av CLI when creating PRs to track the status of stacks when using Aviator. Please do not delete or edit this section of the PR. ``` {"parent":"main","parentHead":"","trunk":"main"} ``` --> Co-authored-by: Sean Lynch <[email protected]>
## Summary Reverting back to `npm` due to Snyk UI not supporting `pnpm.overrides` in `package.json` (best source appears to be this [comment](snyk/nodejs-lockfile-parser#111 (comment))). Sounds like the CLI might support it at this time, which means the Snyk [github action](https://github.com/snyk/actions/tree/master/node) might work, but not worth exploring further at this time. Also not sure if Vanta requires Snyk UI for compliance. ## Checklist - [ ] Added Unit Tests - [ ] Covered by existing CI - [ ] Integration tested - [ ] Documentation update <!-- av pr metadata This information is embedded by the av CLI when creating PRs to track the status of stacks when using Aviator. Please do not delete or edit this section of the PR. ``` {"parent":"main","parentHead":"","trunk":"main"} ``` --> Co-authored-by: Sean Lynch <[email protected]>
## Summary Reverting baour clients to `npm` due to Snyk UI not supporting `pnpm.overrides` in `paour clientsage.json` (best source appears to be this [comment](https://github.com/snyk/nodejs-loour clientsfile-parser/issues/111#issuecomment-2384915606)). Sounds like the CLI might support it at this time, which means the Snyk [github action](https://github.com/snyk/actions/tree/master/node) might work, but not worth exploring further at this time. Also not sure if Vanta requires Snyk UI for compliance. ## Cheour clientslist - [ ] Added Unit Tests - [ ] Covered by existing CI - [ ] Integration tested - [ ] Documentation update <!-- av pr metadata This information is embedded by the av CLI when creating PRs to traour clients the status of staour clientss when using Aviator. Please do not delete or edit this section of the PR. ``` {"parent":"main","parentHead":"","trunk":"main"} ``` --> Co-authored-by: Sean Lynch <[email protected]>
Summary
Reverting PR #136 to switch back to
npm
due to Snyk UI not supportingpnpm.overrides
inpackage.json
(best source appears to be this comment). Sounds like the CLI might support it at this time, which means the Snyk github action might work, but not worth exploring further at this time. Also not sure if Vanta requires Snyk UI for compliance.Checklist
Summary by CodeRabbit
New Features
npm
instead ofpnpm
.Bug Fixes
Documentation
npm
for commands and installation instructions.Chores