Conversation
This is a subset of the changes in dotnet#2557 but without any llm additions
…, increase test timeouts - Remove @typescript-eslint/eslint-plugin-tslint and tslint (deprecated) from root dependencies - Add eslint-plugin-header to replace the file-header lint rule (resolves minimatch ReDoS vulnerability) - Update .eslintrc.js to use header/header rule instead of @typescript-eslint/tslint/config - Remove version-pinned eslint invocation in lint script - Delete orphaned sample/tslint.json - Fix leading whitespace in DotnetResolver.ts and TelemetryUtilities.ts file headers - Increase WinMacGlobalInstaller test timeouts from 150s/45s to 600s (tests do real HTTP downloads) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The pipeline lint step explicitly installs eslint packages. Since we replaced @typescript-eslint/eslint-plugin-tslint with eslint-plugin-header, add it here. Also changed npm ci to npm install since npm ci with package names is not the intended npm ci usage (npm ci installs from lockfile only). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
| "vscode": "^1.101.0" | ||
| } | ||
| }, | ||
| "../vscode-dotnet-runtime-extension": { |
There was a problem hiding this comment.
I'm ok with including these in the lock - it doesn't actually get consumed, it is somewhat of a bloat but also accurately represents what we need as a dev dependency.
MiYanni
left a comment
MiYanni
left a comment
There was a problem hiding this comment.
Is this process semi-manual right now? Just wondering if version bumping could be automated.
| await installer.installSDK(install); | ||
| mockExecutor.resetReturnValues(); | ||
| }).timeout(150000); | ||
| }).timeout(600000); |
There was a problem hiding this comment.
The CDN was being slower so this was to make the timeout less likely (it happened in this pr with no code change on 1 leg one time)
I think this is smart, it's somewhat automated ( I run a command and it does it for me. Sometimes I have to fix it. ) 1 problem with using dependabot or others is we have an internal feed that needs to consume any dependency update, which blocks anyone without write access, and that doesn't integrate well unless you can manually go through the MS Login / AAD with VPN on whatever is doing the process, so I have to at least run it from my machine :/ Maybe I could try to automate it from copilot's behalf up to the point of authenticating and then I could approve the PRs so others don't have to look at it 👀 |
|
/azp run |
2 participants
This is a subset of the changes in #2557 but without any llm additions