Conversation
michael-valdron
requested review from
Jdubrick,
JslYoon,
johnmcollier and
thepetk
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: michael-valdron The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Dockerfile
Dismissed
| curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo && \ | ||
| microdnf install -y yarn | ||
| # Install corepack | ||
| RUN npm install -g corepack@0.34.6 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
There was a problem hiding this comment.
Similar to above comments
Signed-off-by: Michael Valdron <mvaldron@redhat.com>
…der devfile Signed-off-by: Michael Valdron <mvaldron@redhat.com>
Signed-off-by: Michael Valdron <mvaldron@redhat.com>
Signed-off-by: Michael Valdron <mvaldron@redhat.com>
michael-valdron
force-pushed
the
migrate-yarn-v4
branch
from
b1e41cf to
5a79287
Compare
Signed-off-by: Michael Valdron <mvaldron@redhat.com>
Jdubrick
left a comment
Jdubrick
left a comment
There was a problem hiding this comment.
Small comments, generally lgtm
| attributes: | ||
| container-overrides: | ||
| securityContext: | ||
| runAsUser: 1001 |
There was a problem hiding this comment.
Any particular reason for removing this user context? is it just because runAsNonRoot is true and its redundant?
| # Install corepack & node-gyp dependency | ||
| RUN microdnf install -y python3 gcc-c++ make && \ | ||
| npm install --build-from-resource node-gyp && \ | ||
| npm install -g corepack@0.34.6 |
There was a problem hiding this comment.
If possible can we pin this?
| npm install -g corepack@0.34.6 | ||
|
|
||
| # Install yarn v4 | ||
| RUN corepack install -g yarn@4 |
There was a problem hiding this comment.
Same as above, is it possible to pin?
Dockerfile
Dismissed
| curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo && \ | ||
| microdnf install -y yarn | ||
| # Install corepack | ||
| RUN npm install -g corepack@0.34.6 |
There was a problem hiding this comment.
Similar to above comments
2 participants
Description of Changes
With yarn classic development slowing down, we are moving to yarn v4 to continue receiving patches and support modern package managers.
Related Issue(s)
resolves devfile/api#1766
Acceptance Criteria
Update the sidebar if there is a new file added or an existing filename is changed
Tests Performed
Explain what tests you personally ran to ensure the changes are functioning as expected.
How To Test
Instructions for the reviewer on how to test your changes.
Notes To Reviewer
Any notes you would like to include for the reviewer.