A Metamask fork with Infura removed and default networks editable
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ciphermask/package.json

279 lines
9.9 KiB

9 years ago
{
"name": "metamask-crx",
9 years ago
"version": "0.0.0",
"private": true,
"scripts": {
"start": "gulp dev:extension",
"dist": "gulp dist",
"doc": "jsdoc -c development/.jsdoc.json",
"publish-docs": "gh-pages -d docs/jsdocs",
"start:test": "gulp dev:test",
"build:test": "gulp build:test",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"test": "yarn test:unit && yarn lint",
"dapp": "static-server test/e2e/contract-test --port 8080",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"dapp-chain": "GANACHE_ARGS='-b 2' concurrently -k -n ganache,dapp -p '[{time}][{name}]' 'yarn ganache:start' 'sleep 5 && static-server test/e2e/contract-test --port 8080'",
"watch:test:unit": "nodemon --exec \"yarn test:unit\" ./test ./app ./ui",
"sendwithprivatedapp": "static-server test/e2e/send-eth-with-private-key-test --port 8080",
"test:unit": "cross-env METAMASK_ENV=test mocha --exit --require test/setup.js --recursive \"test/unit/**/*.js\" \"ui/app/**/*.test.js\"",
"test:single": "cross-env METAMASK_ENV=test mocha --require test/helper.js",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"test:integration": "yarn test:integration:build && yarn test:flat",
"test:integration:build": "gulp build:scss",
"test:e2e:chrome": "SELENIUM_BROWSER=chrome test/e2e/run-all.sh",
"test:web3:chrome": "SELENIUM_BROWSER=chrome test/e2e/run-web3.sh",
"test:web3:firefox": "SELENIUM_BROWSER=firefox test/e2e/run-web3.sh",
"test:e2e:firefox": "SELENIUM_BROWSER=firefox test/e2e/run-all.sh",
"test:coverage": "nyc --reporter=text --reporter=html npm run test:unit",
"test:coveralls-upload": "if [ $COVERALLS_REPO_TOKEN ]; then nyc report --reporter=text-lcov | coveralls; fi",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"test:flat": "yarn test:flat:build && karma start test/flat.conf.js",
"test:flat:build": "yarn test:flat:build:ui && yarn test:flat:build:tests && yarn test:flat:build:locales",
"test:flat:build:tests": "node test/integration/index.js",
"test:flat:build:states": "node development/genStates.js",
"test:flat:build:locales": "mkdirp dist/chrome && cp -R app/_locales dist/chrome/_locales",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"test:flat:build:ui": "yarn test:flat:build:states && browserify --transform babelify --transform brfs ./development/mock-dev.js -o ./development/bundle.js",
"ganache:start": "./development/run-ganache",
"sentry:publish": "node ./development/sentry-publish.js",
"lint": "eslint . --ext js,json",
"lint:fix": "eslint . --ext js,json --fix",
"mozilla-lint": "addons-linter dist/firefox",
"watch": "cross-env METAMASK_ENV=test mocha --watch --require test/setup.js --reporter min --recursive \"test/unit/**/*.js\" \"ui/app/**/*.test.js\"",
"devtools:react": "react-devtools",
"devtools:redux": "remotedev --hostname=localhost --port=8000",
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"start:dev": "concurrently -k -n build,react,redux yarn:start yarn:devtools:react yarn:devtools:redux",
"announce": "node development/announcer.js",
"version:bump": "node development/run-version-bump.js",
"storybook": "start-storybook -p 6006 -c .storybook",
"update-changelog": "./development/auto-changelog.sh",
"rollback": "./development/rollback.sh"
},
9 years ago
"dependencies": {
"@babel/runtime": "^7.5.5",
"@material-ui/core": "1.0.0",
"@sentry/browser": "^4.1.1",
"@zxing/library": "^0.8.0",
6 years ago
"abi-decoder": "^1.2.0",
"asmcrypto.js": "^2.3.2",
"await-semaphore": "^0.1.1",
"bignumber.js": "^4.1.0",
"bip39": "^2.2.0",
"bluebird": "^3.5.0",
"bn.js": "^4.11.7",
"boron": "^0.2.3",
"browser-passworder": "^2.0.3",
"browserify-derequire": "^0.9.4",
"browserify-unibabel": "^3.0.0",
"c3": "^0.6.7",
"classnames": "^2.2.5",
"clone": "^2.1.2",
"content-hash": "^2.4.3",
7 years ago
"copy-to-clipboard": "^3.0.8",
"currency-formatter": "^1.4.2",
"d3": "^5.7.0",
"debounce": "1.1.0",
"debounce-stream": "^2.0.0",
"deep-extend": "^0.5.1",
"detect-node": "^2.0.3",
"detectrtc": "^1.3.6",
"dnode": "^1.2.2",
"end-of-stream": "^1.1.0",
"eth-block-tracker": "^4.1.0",
"eth-contract-metadata": "^1.9.2",
"eth-ens-namehash": "^2.0.8",
"eth-json-rpc-filters": "^3.0.4",
"eth-json-rpc-infura": "^3.2.0",
"eth-keyring-controller": "^4.0.1",
"eth-ledger-bridge-keyring": "^0.2.0",
"eth-method-registry": "^1.2.0",
"eth-phishing-detect": "^1.1.4",
"eth-query": "^2.1.2",
"eth-sig-util": "^2.3.0",
"eth-token-tracker": "^1.1.5",
"eth-trezor-keyring": "^0.4.0",
"ethereumjs-abi": "^0.6.4",
"ethereumjs-tx": "1.3.7",
7 years ago
"ethereumjs-util": "github:ethereumjs/ethereumjs-util#ac5d0908536b447083ea422b435da27f26615de9",
"ethereumjs-wallet": "^0.6.0",
"etherscan-link": "^1.0.2",
"ethjs": "^0.4.0",
"ethjs-contract": "^0.2.3",
"ethjs-ens": "^2.0.0",
"ethjs-query": "^0.3.4",
"extension-port-stream": "^1.0.0",
"extensionizer": "^1.0.1",
"fast-json-patch": "^2.0.4",
"fuse.js": "^3.2.0",
Address book send plus contact list (#6914) * Style Send Header * Move Send to-row to send view and restyle * Add "Recents" group to select recipient view * Rename SendToRow to AddRecipient * Basic UI and Layout * New ENSInput component * wip - fuzzy search for input * small refactor * Add Dialog * contact list initial * initial error on invalid address * clean up edit * Click to open modal * Create AddToAddressBookModal component * Modal styling and layout * modal i18n * Add to Addressbook * ens wip * ens wip * ENS Resolution * Reset input * Send to explicit address * Happy Path Complete * Add back error checking * Reset send-to when emptying input * Add back warning object * Fix linter * Fix unit test #1 - fix import paths * Remove dead tests * One more to go * Fix all unit tests * add unit test for reducers and actions * test rendering AddRecipient * Add tests for dialog boxes in AddRecipient * Add test for validating * Fix linter * Fix e2e tests * Token send e2e fix * Style View Contact * Style edit-contact * Fix e2e * Fix from-import-beta-ui e2e spec * Make section header say "add recipient” by default * Auto-focus add recipient input * Update placeholder text * Update input title font size * Auto advance to next step if user paste a valid address * Ellipsify address when recipient is selected * Fix app header background color on desktop * Give each form row a margin of 16px * Use .container/.component naming pattern for ens-input * Auto-focus on input when add to addressbook modal is opened; Save on Enter * Fix and add unit test * Fix selectors name in e2e tests * Correct e2e test token amount for address-book-send changes * Adds e2e test for editing a transaction * Delete test/integration/lib/send-new-ui.js * Add tests for amount max button and high value error on send screen to test/e2e/metamask-ui.spec.js * lint and revert to address as object keys * add chainId based on current network to address book entry * fix test * only display contacts for the current network * Improve ENS message when not found on current network * Add error to indicate when network does not support ENS * bump gaba * address book, resolve comments * Move contact-list to its own component * De-duplicate getaddressbook selector and refactor name selection logic in contact-list-tab/ * Use contact-list component in contact-list-tab.component (i.e. in settings) * Improve/fix settings headers for popup and browser views * Lint fixes related to address book updates * Add 'My accounts' page to settings address book * Update add new contact button in settings to match floating circular design * Improve styles of view contact page * Improve styles and labels of the add-contact.component * Further lint fixes related to address book updates * Update unit tests as per address book updates * Ensure that contact list groups are sorted alphabetically * Refactor settings component to use a container for connection to redux; allow display of addressbook name in settings header * Decouple ens-input.component from send context * Add ens resolution to add contact screen in settings * Switching networks when an ens address is shown on send form removes the ens address. * Resolve send screen search for ensAddress to matching address book entry if it exists * Show resolved ens icon and address if exists (settings: add-contact.component) * Make the displayed and copied address in view-contact.component the checksummed address * Default alias state prop in AddToAddressBookModal to empty string * Use keyCode to detect enter key in AddToAddressBookModal * Ensure add-contact component properly updates after QR code detection * Fix display of all recents after clicking 'Load More' in contact list * Fix send screen contact searching after network switching * Code cleanup related to address book changes * Update unit tests for address book changes * Update ENS name not found on network message * Add ens registration error message * Cancel on edit mode takes user back to view screen * Adds support for memo to settings contact list view and edit screens * Modify designs of edit and view contact in popup environment * Update settings content list UX to show split columns in fullscreen and proper internal navigation * Correct background address book API usages in UI
5 years ago
"gaba": "^1.5.0",
"human-standard-token-abi": "^2.0.0",
"jazzicon": "^1.2.0",
"json-rpc-engine": "^4.0.0",
6 years ago
"json-rpc-middleware-stream": "^2.1.1",
"jsonschema": "^1.2.4",
7 years ago
"lodash.debounce": "^4.0.8",
"lodash.shuffle": "^4.2.0",
"loglevel": "^1.4.1",
"luxon": "^1.8.2",
"metamask-inpage-provider": "^2.0.1",
"metamask-logo": "^2.1.4",
"mkdirp": "^0.5.1",
"multihashes": "^0.4.12",
"nonce-tracker": "^1.0.0",
"number-to-bn": "^1.7.0",
"obj-multiplex": "^1.0.0",
"obs-store": "^3.0.2",
"percentile": "^1.2.0",
"pify": "^3.0.0",
9 years ago
"polyfill-crypto.getrandomvalues": "^1.0.0",
"post-message-stream": "^3.0.0",
"promise-filter": "^1.1.0",
"promise-to-callback": "^1.0.0",
"prop-types": "^15.6.1",
"pubnub": "4.24.4",
7 years ago
"pump": "^3.0.0",
"qrcode-generator": "1.4.1",
"ramda": "^0.24.1",
"react": "^15.6.2",
"react-dnd": "^3.0.2",
"react-dnd-html5-backend": "^7.4.4",
"react-dom": "^15.6.2",
"react-hyperscript": "^3.0.0",
"react-idle-timer": "^4.2.5",
"react-inspector": "^2.3.0",
"react-media": "^1.8.0",
"react-redux": "^5.0.5",
"react-router-dom": "^4.2.2",
"react-select": "^1.0.0",
"react-simple-file-input": "^2.0.0",
"react-tippy": "^1.2.2",
"react-toggle-button": "^2.2.0",
"react-tooltip-component": "^0.3.0",
"react-transition-group": "^1.2.1",
"react-trigger-change": "^1.0.2",
"reactify": "^1.1.1",
"readable-stream": "^2.3.3",
"recompose": "^0.25.0",
"redux": "^3.0.5",
"redux-logger": "^3.0.6",
"redux-thunk": "^2.2.0",
"request-promise": "^4.2.1",
"reselect": "^3.0.1",
"safe-event-emitter": "^1.0.1",
"single-call-balance-checker-abi": "^1.0.0",
"swappable-obj-proxy": "^1.1.0",
"textarea-caret": "^3.0.1",
"valid-url": "^1.0.9",
6 years ago
"web3": "^0.20.7",
"web3-stream-provider": "^3.0.1",
"webrtc-adapter": "^6.3.0",
"xtend": "^4.0.1"
9 years ago
},
"devDependencies": {
"@babel/core": "^7.5.5",
"@babel/plugin-proposal-class-properties": "^7.5.5",
"@babel/plugin-proposal-object-rest-spread": "^7.5.5",
"@babel/plugin-transform-runtime": "^7.5.5",
"@babel/preset-env": "^7.5.5",
"@babel/preset-react": "^7.0.0",
"@babel/register": "^7.5.5",
"@sentry/cli": "^1.30.3",
"@storybook/addon-info": "^5.1.1",
"@storybook/addon-knobs": "^3.4.2",
"@storybook/react": "^5.1.1",
"abortcontroller-polyfill": "^1.3.0",
6 years ago
"addons-linter": "^1.10.0",
"babel-eslint": "^10.0.2",
"babelify": "^10.0.0",
"brfs": "^1.6.1",
6 years ago
"browserify": "^16.2.3",
"chai": "^4.1.0",
"chromedriver": "^2.41.0",
"concurrently": "^4.1.1",
"coveralls": "^3.0.0",
"cross-env": "^5.1.4",
"css-loader": "^2.1.1",
"deep-freeze-strict": "^1.1.1",
"del": "^3.0.0",
"envify": "^4.0.0",
"enzyme": "^3.4.4",
"enzyme-adapter-react-15": "^1.0.6",
"eslint": "^6.0.1",
"eslint-plugin-chai": "0.0.1",
"eslint-plugin-json": "^1.2.0",
"eslint-plugin-mocha": "^5.0.0",
7 years ago
"eslint-plugin-react": "^7.4.0",
"eth-json-rpc-middleware": "^4.1.3",
"fetch-mock": "^6.5.2",
"file-loader": "^1.1.11",
"fs-extra": "^6.0.1",
"fs-promise": "^2.0.3",
"ganache-cli": "^6.4.4",
"ganache-core": "^2.5.7",
6 years ago
"geckodriver": "^1.16.2",
"gh-pages": "^1.2.0",
"gulp": "^4.0.0",
"gulp-autoprefixer": "^5.0.0",
"gulp-babel": "^7.0.0",
"gulp-debug": "^3.2.0",
"gulp-eslint": "^4.0.0",
"gulp-json-editor": "^2.2.1",
"gulp-livereload": "4.0.0",
"gulp-multi-process": "^1.3.1",
"gulp-replace": "^0.6.1",
"gulp-sass": "^4.0.0",
"gulp-sourcemaps": "^2.6.0",
"gulp-stylefmt": "^1.1.0",
"gulp-stylelint": "^7.0.0",
"gulp-uglify-es": "^1.0.4",
"gulp-util": "^3.0.7",
6 years ago
"gulp-watch": "^5.0.1",
"gulp-zip": "^4.0.0",
"http-server": "^0.11.1",
"isomorphic-fetch": "^2.2.1",
6 years ago
"jsdoc": "^3.6.2",
"jsdom": "^11.2.0",
"jsdom-global": "^3.0.2",
"karma": "^4.1.0",
"karma-chrome-launcher": "^2.2.0",
"karma-cli": "^1.0.1",
"karma-firefox-launcher": "^1.0.1",
"karma-qunit": "^1.2.1",
"lodash.assign": "^4.0.6",
"mocha": "^5.0.0",
"mocha-eslint": "^4.0.0",
"mocha-jsdom": "^1.1.0",
"mocha-sinon": "^2.0.0",
"nock": "^9.0.14",
6 years ago
"node-sass": "^4.12.0",
"nyc": "^13.0.0",
"path": "^0.12.7",
"prepend-file": "^1.3.1",
"proxyquire": "2.0.1",
"qs": "^6.2.0",
"qunitjs": "^2.4.1",
"radgrad-jsdoc-template": "^1.1.3",
"react-devtools": "^3.6.1",
"react-test-renderer": "^15.6.2",
"redux-mock-store": "^1.5.3",
"redux-test-utils": "^0.2.2",
"remote-redux-devtools": "^0.5.16",
"remotedev-server": "^0.3.1",
"resolve-url-loader": "^2.3.0",
"rimraf": "^2.6.2",
"sass-loader": "^7.0.1",
"selenium-webdriver": "^3.5.0",
"sinon": "^5.0.0",
"source-map": "^0.7.2",
"static-server": "^2.2.1",
"style-loader": "^0.21.0",
"stylelint-config-standard": "^18.2.0",
9 years ago
"tape": "^4.5.1",
6 years ago
"testem": "^2.16.0",
"through2": "^2.0.3",
"vinyl-buffer": "^1.0.1",
"vinyl-source-stream": "^2.0.0",
6 years ago
"watchify": "^3.11.1"
9 years ago
},
"engines": {
Switch from `npm` to `yarn` (#6843) As a solution to the constant lockfile churn issues we've had with `npm`, the project now uses `yarn` to manage dependencies. The `package-lock.json` file has been replaced with `yarn.lock`, which was created using `yarn import`. It should approximate the contents of `package-lock.json` fairly well, though there may be some changes due to deduplication. The codeowners file has been updated to reference this new lockfile. All documentation and npm scripts have been updated to reference `yarn` rather than `npm`. Note that running scripts using `npm run` still works fine, but it seemed better to switch those to `yarn` as well to avoid confusion. The `npm-audit` Bash script has been replaced with `yarn-audit`. The output of `yarn audit` is a bit different than `npm audit` in that it returns a bitmask to describe which severity issues were found. This made it simpler to check the results directly from the Bash script, so the associated `npm-audit-check.js` script was no longer required. The output should be exactly the same, and the information is still sourced from the same place (the npm registry). The new `yarn-audit` script does have an external dependency: `jq`. However, `jq` is already assumed to be present by another CI script, and is present on all CI images we use. `jq` was not added to `package.json` as a dependency because there is no official package on the npm registry, just wrapper scripts. We don't need it anywhere exept on CI anyway. The section in `CONTRIBUTING` about how to develop inside the `node_modules` folder was removed, as the advice was a bit dated, and wasn't specific to this project anyway.
5 years ago
"node": "^10.16.0",
"yarn": "^1.16.0"
9 years ago
}
}