docs(website): Update tutorial #8737
Conversation
rettichschnidi
force-pushed
the
gardena/rs/upstream/update-tutorial
branch
from
f05c9fa
to
b0cd522
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #8737 +/- ##
=========================================
Coverage 67.85% 67.85%
Complexity 1165 1165
=========================================
Files 244 244
Lines 7736 7736
Branches 864 864
=========================================
Hits 5249 5249
Misses 2128 2128
Partials 359 359
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
rettichschnidi
changed the title
rettichschnidi
changed the title
This commit updates the content of the tutorial, but does not change anything fundamental. Signed-off-by: Reto Schneider <[email protected]>
rettichschnidi
force-pushed
the
gardena/rs/upstream/update-tutorial
branch
from
b0cd522
to
c359d20
Compare
| @@ -65,7 +59,7 @@ For reliable results we use version 2.1.18 (replace `[mime-types-dir]` with the | |||
| ```shell | |||
| git clone https://github.com/jshttp/mime-types.git [mime-types-dir] | |||
| cd [mime-types-dir] | |||
| git checkout 2.1.18 | |||
| git checkout 2.1.35 | |||
There was a problem hiding this comment.
Note that it might make sense to stick to the older 18 patch-level for comparability to some "mime-types-2.1.18" test assets we have in our code base, like https://github.com/oss-review-toolkit/ort/blob/main/scanner/src/test/assets/scancode-3.0.2_mime-types-2.1.18.json.
There was a problem hiding this comment.
I updated because using 2.1.18 resulted in tons of issues due to outdated dependencies. Which makes it harder to read the resulting file. 2.1.35 has issues too, but (currently) only a few.
Would it be worth to update the tests assets?
There was a problem hiding this comment.
I updated because using 2.1.18 resulted in tons of issues due to outdated dependencies.
What kind of issues exactly? Do you mean security vulnerabilities? However, I believe we do not even run the advisor yet as part of the tutorial... see #4219.
| ERROR - Resolving dependencies for 'package.json' failed with: No lockfile found in '[mime-types-dir]'. This potentially results in unstable versions of dependencies. To support this, enable the 'allowDynamicVersions' option in 'config.yml'. | ||
| Writing analyzer result to '[analyzer-output-dir]/analyzer-result.yml'. | ||
| [workdir]/mime-types | ||
| 00:31:07.985 [main] WARN org.ossreviewtoolkit.plugins.packagemanagers.node.utils.NpmDetection - Any of [NPM, PNPM, YARN, YARN2] could be the package manager for '[workdir]/mime-types/package.json'. Assuming it is an NPM project. |
There was a problem hiding this comment.
a) Why 4x the same warning?
b) Should this be warning just be left out of the tutorial, or addressed by some other means?
There was a problem hiding this comment.
Why 4x the same warning?
Because all of NPM, PNPM, YARN, YARN2 individually state via common NpmDetection code that none of them is clearly responsible for that definition file.
Should this be warning just be left out of the tutorial, or addressed by some other means?
If quoting console output, I believe it should be complete to avoid confusion about differences. Maybe the only exception should be lengthy / unimportant output that could be replaced by ellipsis ([...]).
| source: "NPM" | ||
| message: "deprecated [email protected]: Glob versions prior to v9 are no longer supported" | ||
| severity: "HINT" | ||
| dependency_graphs: |
There was a problem hiding this comment.
Would be nice to have an explanation here, but I do not understand this yet.
There was a problem hiding this comment.
You mean the "deprecated [email protected]: Glob versions prior to v9 are no longer supported" message? That's just being forwarded from NPM itself. Apparently the project uses an unsupported / unmaintained version of the glob package.
| @@ -65,7 +59,7 @@ For reliable results we use version 2.1.18 (replace `[mime-types-dir]` with the | |||
| ```shell | |||
| git clone https://github.com/jshttp/mime-types.git [mime-types-dir] | |||
| cd [mime-types-dir] | |||
| git checkout 2.1.18 | |||
| git checkout 2.1.35 | |||
There was a problem hiding this comment.
I updated because using 2.1.18 resulted in tons of issues due to outdated dependencies. Which makes it harder to read the resulting file. 2.1.35 has issues too, but (currently) only a few.
Would it be worth to update the tests assets?
If there are minimum versions, they are defined as part of an overridden |
This commit updates the content of the tutorial, but does not change anything fundamental.
Open Questions/TODOs: