fix(plugin-e2e): remove uuid and semver runtime dependencies#2650
Open
sunker wants to merge 7 commits into
Open
fix(plugin-e2e): remove uuid and semver runtime dependencies#2650sunker wants to merge 7 commits into
sunker wants to merge 7 commits into
Conversation
Contributor
|
Hello! 👋 This repository uses Auto for releasing packages using PR labels. ✨ This PR can be merged but will not trigger a new release. To trigger a new release add the |
Previous `npm install` on macOS regenerated the lockfile and dropped the encoding and iconv-lite@0.6.3 entries (optional deps of minipass-fetch) that npm ci on Linux expects to be present. Restored those entries from main, kept only the intended uuid and @types/uuid removals.
The previous build-numbered threshold `13.1.0-25389005429` relied on semver pre-release semantics (release > pre-release) to ensure final 13.1.0 took the textbox path. The new inline version utility treats dash-suffixed builds as newer than the base release, which inverts that relationship. Tighten the threshold to plain `13.1.0` so the textbox path applies to all 13.1.0 builds and onward.
Previously the utility treated a dash-suffixed build identifier as a 4th component that made the version newer than the base release. That broke existing call sites like the slider threshold in PanelEditOptionsGroup, which were written assuming standard semver semantics where any pre-release sorts below the matching release (`1.2.3-X` < `1.2.3`). Reimplemented `parseVer` to track pre-release identifiers as a list and follow semver section 11 precedence rules: - Releases outrank any pre-release of the same MAJOR.MINOR.PATCH. - Numeric pre-release identifiers compare numerically; non-numeric ones compare lexicographically; numeric < non-numeric. - A longer set of identifiers outranks a shorter prefix-equal set. - Build metadata after `+` is ignored. Reverted the threshold in PanelEditOptionsGroup back to `13.1.0-25389005429` since the original semantics are restored, and updated the tests to assert the new pre-release precedence behavior.
sunker
requested review from
academo,
eledobleefe,
jackw,
oshirohugo and
xnyo
and removed request for
a team
Contributor
There was a problem hiding this comment.
Pull request overview
This PR reduces the runtime dependency surface of @grafana/plugin-e2e by removing uuid and semver, replacing them with built-in APIs and a small in-repo version comparison utility. It also exposes the new version helpers from the package entrypoint so plugin authors can reuse them without adding semver.
Changes:
- Added
src/utils/version.tswithgte,gt,lte,lt,eq, andsatisfies, plus unit tests. - Replaced
semverusage acrossplugin-e2epage models/components/fixtures with the new helpers. - Replaced
uuidv4()withcrypto.randomUUID()and removedsemver/uuid(and@types/uuid) frompackages/plugin-e2e/package.jsonand the lockfile; updated docs to use the exported helpers.
Reviewed changes
Copilot reviewed 24 out of 25 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| packages/plugin-e2e/src/utils/version.ts | Introduces inlined semver-like comparison and range checking helpers. |
| packages/plugin-e2e/src/utils/version.test.ts | Adds vitest coverage for version parsing/comparison and satisfies(). |
| packages/plugin-e2e/src/models/pages/VariableEditPage.ts | Switches Grafana version branching from semver to local gte/lt. |
| packages/plugin-e2e/src/models/pages/PanelEditPage.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/pages/ExplorePage.ts | Switches version checks from semver to local lt. |
| packages/plugin-e2e/src/models/pages/DashboardPage.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/pages/AnnotationPage.ts | Switches version checks from semver to local gte. |
| packages/plugin-e2e/src/models/pages/AnnotationEditPage.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/pages/AlertRuleEditPage.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/components/TimeRange.ts | Switches version checks from semver to local gte. |
| packages/plugin-e2e/src/models/components/Switch.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/components/RadioGroup.ts | Switches version checks from semver to local gte. |
| packages/plugin-e2e/src/models/components/PanelEditOptionsGroup.ts | Switches version checks from semver to local helpers. |
| packages/plugin-e2e/src/models/components/Panel.ts | Switches version checks from semver to local lt. |
| packages/plugin-e2e/src/models/components/DataSourcePicker.ts | Switches version checks from semver to local lt. |
| packages/plugin-e2e/src/models/components/ColorPicker.ts | Switches version checks from semver to local gte. |
| packages/plugin-e2e/src/index.ts | Exports the new version helpers from the public package API. |
| packages/plugin-e2e/src/fixtures/page.ts | Switches version checks from semver to local gte. |
| packages/plugin-e2e/src/fixtures/commands/gotoAlertRuleEditPage.ts | Switches version checks from semver to local lt. |
| packages/plugin-e2e/src/fixtures/commands/createDataSource.ts | Replaces uuid with crypto.randomUUID() for datasource naming. |
| packages/plugin-e2e/src/fixtures/alertRuleEditPage.ts | Switches version checks from semver to local lt. |
| packages/plugin-e2e/package.json | Removes semver, uuid, and @types/uuid dependencies. |
| package-lock.json | Removes uuid and @types/uuid entries for plugin-e2e. |
| docusaurus/docs/e2e-test-a-plugin/test-a-data-source-plugin/annotation-queries.md | Updates example to use gte exported by @grafana/plugin-e2e. |
| docusaurus/docs/e2e-test-a-plugin/feature-toggles.md | Removes semver import from documentation snippet. |
gcomApiClient.js used `uuid.v4()` for an x-request-id header but relied on transitive resolution from plugin-e2e to find the package. Now that plugin-e2e no longer ships uuid, the website build fails to resolve it. Switch to the built-in crypto.randomUUID() (available in all evergreen browsers since 2022).
Contributor
Playwright test results
Troubleshooting404 when clicking on
|
jackw
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What this PR does / why we need it:
Inlines a two deps used in
@grafana/plugin-e2eto reduce the likelihood of supply chain attacks reaching consumers.uuidis replaced withcrypto.randomUUID()andsemveris replaced with a tiny version utility atsrc/utils/version.ts. Also exports the newgte,lt,lte,gt,eqandsatisfieshelpers so plugin authors can use them without pulling insemverthemselves.Which issue(s) this PR fixes:
Fixes #2647
Special notes for your reviewer: