The node_modules cache tarball will be published as release artifact, to
make sure that any release can be rebuilt in a reproducible way.
Cockpituous' release-source will call this if available:
https://github.com/cockpit-project/cockpituous/pull/438
Avoid the indirection, and directly call webpack. This avoids adding an
`npm` build dependency if/when the RPM wants to rebuild the webpack
during package build.
This is ugly as it races with other make targets which expect
node_modules/ to exist. It's also unnecessary, we can just tell tar to
ignore node_modules/.
Cockpit 247 changed cockpit-po-plugin.js to always expect a line number
in msgid references [1]. Also sync manifest2po from Cockpit 249 to
generate that reference for manifests, so that they keep getting
included into the translation js.
[1] 0ecc3a705d
This partitions secrets and limits their potential exposure/leakage.
This environment can be created with github-upload-action-secrets in [1].
[1] https://github.com/cockpit-project/bots/pull/2164
With recent NPM/sandcastle versions, production mode and its additional
optimizations don't fit any more into the 768 MB RAM of sandcastle
containers. Build in development mode, which skips the optimization
steps.
Taken from 7000b4460e
731fdf82c0 fixed the
deprecation warning in cockpit-po-plugin:
> node:37175) [DEP_WEBPACK_COMPILATION_ASSETS] DeprecationWarning:
> Compilation.assets will be frozen in future, all modifications are
> deprecated.
> BREAKING CHANGE: No more changes should happen to Compilation.assets
> after sealing the Compilation.
The tests switch to German, make sure that the corresponding locale
exists. Otherwise, tests will run into unexpected messages like "invalid
or unusable locale: de_DE.UTF-8".
Bring back terser-webpack-plugin from commit c52136c051 and re-enable
it. It builds the autogenerated dist/index.js.LICENSE.txt which is quite
important for shipping distribution packages -- c-{podman,machines} both
do this.
Backport 95021c336e
to make sure that the webpack for the release tarball is *actually*
built in production mode.
We don't need to explicitly mention TerserJSPlugin any more (from commit
6b8611), as webpack 5 can now extend the `minimizer:` list with the
special `...` syntax.
This gets rid of several `npm install` warnings:
deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
as well as 10 MB of node_modules.
Fixes these `npm install` warnings:
> deprecated babel-eslint@10.1.0: babel-eslint is now @babel/eslint-parser. This package will no longer receive updates.
> deprecated eslint-loader@4.0.2: This loader has been deprecated. Please use eslint-webpack-plugin
