Add depcheck for CI step to check for unused dependencies #1677

anshgoyalevil · 2023-08-14T11:06:32Z

Which problem is this PR solving?

Fixes [Feature]: Add CI step to check dependencies #1672

Description of the changes

This PR adds a step in the unit-test workflow to check for unused dependencies using the depcheck package.
Certain dependencies which are installed but still being given in the output are put into .depcheckrc.json file to be ignored.
The --skip-missing flag is also added to ignore the missing deps warning

How was this change tested?

The ignores array without any dep in .depcheckrc.json file was pushed to the branch for testing, and it was observed that the CI failed, which is the required behaviour: Workflow Run: https://github.com/anshgoyalevil/jaeger-ui/actions/runs/5854765474/job/15871258991
The ignores array with all unused deps was pushed for CI testing, and the CI passed the Depcheck flow. Workflow Run: https://github.com/anshgoyalevil/jaeger-ui/actions/runs/5854816286/job/15871414318#step:6:10 (Ignore the Lint fail error, as it is resolved in this PR, but workflow run is not available because target push branch was changed to main in that commit, and thus workflow run is not available to be shared)

Notes:

Before merging this PR, all the unused deps which are neither added to the ignores array, not have been removed need to be removed. Thus PR #1675 needs to be merged before this one.
After that, this PR's branch needs to be updated with that code so that the Depcheck doesn't fail in CI for this or for upcoming PRs.

Checklist

I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md
I have signed all commits
I have added unit tests for the new functionality
I have run lint and test steps successfully
- for jaeger: make lint test
- for jaeger-ui: yarn lint and yarn test

yurishkuro · 2023-08-14T15:39:35Z

packages/jaeger-ui/.depcheckrc.json

+    "babel-plugin-inline-react-svg",
+    "jest-environment-jsdom"
+  ],
+  "skip-missing": true


why should we skip missing?

Missing deps would anyway be caught while linting because of error 'xyz' is not defined no-undef

Currently, we have the following as missing deps

Missing dependencies * react-is: ./src/utils/ReactShallowRenderer.test.js // Already installed as it is a dep for react-test-renderer (The warning suggests adding it as an explicit package inside package.json * react-select: ./src/components/common/VirtSelect.tsx // similar reason * react-virtualized: ./src/components/common/VirtSelect.tsx // similar reason * _: ./build/static/index-21cea8b1.js // it is a build file

if we use a dep directly in the code it should be declared explicitly, not relied on as a transitive dependency. So the "missing" section is not a false positive imo.

Agreed! Would install them explicitly. But, would still need to skip the build directory for checking the deps (As in case of * _: ./build/static/index-21cea8b1.js)

packages/jaeger-ui/.depcheckrc.json

yurishkuro · 2023-08-14T15:41:51Z

packages/jaeger-ui/.depcheckrc.json

+    "@types/react-dom",
+    "@types/react-router-redux",


these are just type declarations, why are they needed if no code imports them?

Type declarations are never imported inside the codebase. They are supplemented so that typescript doesn't throw type errors for the custom functions or components that are used inside the project.

Other type declarations are also not imported anywhere but are essential because of typescript compatibility.

@types/react-dom is for react and @types/react-router-redux is for react-router-redux and both of these packages are being used inside the project, so having their type declarations are necessary IMO.

so again, how do we automatically determine if a particular @types/xxx dependency is needed or not? Is there another tool in the TS ecosystem for that?

I couldn't find an exact tool for that, but there's another tool npm-check that uses depcheck behind the scenes.

I checked the results of npm-check and it didn't show any of @types/xxx dep as unused. Though, all other results were same. Maybe its parser is more correct.

anshgoyalevil · 2023-08-15T13:39:32Z

@yurishkuro

I have done the following change by now:

Added a generateDepcheck.js script to generate a .depcheckrc.json file on the fly
The file would parse the babel options from babel-transform.js file and would use it in ignores array.
Added the 3 missing deps react-is, react-select, react-virtualized

.github/workflows/unit-tests.yml

scripts/generateDepcheckrc.js

yurishkuro · 2023-08-15T15:41:02Z

CI is failing with

Unused devDependencies
* @svgr/babel-plugin-transform-svg-component
* @svgr/babel-preset
* @types/react-dom
* @types/react-router-redux
* ```

codecov · 2023-08-15T17:03:13Z

Codecov Report

Patch and project coverage have no change.

Comparison is base (662a148) 96.01% compared to head (34dea32) 96.01%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1677   +/-   ##
=======================================
  Coverage   96.01%   96.01%           
=======================================
  Files         241      241           
  Lines        7560     7560           
  Branches     1985     1985           
=======================================
  Hits         7259     7259           
  Misses        301      301

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

anshgoyalevil · 2023-08-15T17:03:38Z

@yurishkuro CI is passing the checks now.
I have also included a fail-safe logic to the depcheck command which would fail the CI if there would be any unused dependency, but would still delete the file that is generated. So in case a user runs this locally, it won't get git pushed.

Should I give on an example by producing a unused dep error?

package.json

anshgoyalevil · 2023-08-15T19:29:11Z

@yurishkuro I have added CI check for the plexus also. Checked everything manually, like deletion in case of exits, etc.

I also tried the Depcheck as a module, but it is not working because of its distribution problems.

.github/workflows/unit-tests.yml

package.json

scripts/generateDepcheckrc.js

package.json

scripts/run-depcheck.sh

scripts/generateDepcheckrc.js

Signed-off-by: Ansh Goyal <[email protected]>

Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.17.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/testing-library/jest-dom/releases"><code>@testing-library/jest-dom</code>'s releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h1><a href="https://github.com/testing-library/jest-dom/compare/v5.17.0...v6.0.0">6.0.0</a> (2023-08-13)</h1> <h3>Features</h3> <ul> <li>local types, supporting jest, <code>@jest/globals</code>, vitest (<a href="https://github.com/testing-library/jest-dom/issues/511">#511</a>) (<a href="https://github.com/testing-library/jest-dom/commit/4b764b9f6a7b564d7f8ec0e9b0c6ba9cc875f2b8">4b764b9</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>Removes the extend-expect script. Users should use the default import path or one of the new test platform-specific paths to automatically extend the appropriate "expect" instance.</li> </ul> <p>extend-expect was not documented in the Readme, so this change should have minimal impact.</p> <p>Users can now use the following import paths to automatically extend "expect" for their chosen test platform:</p> <ul> <li><code>@testing-library/jest-dom</code> - jest (<code>@types/jest</code>)</li> <li><code>@testing-library/jest-dom/</code>jest-globals - <code>@jest/globals</code></li> <li><code>@testing-library/jest-dom/</code>vitest - vitest</li> </ul> <p>For example:</p> <p>import '<code>@testing-library/jest-dom/</code>jest-globals'</p> <p>Importing from one of the above paths will augment the appropriate matcher interface for the given test platform, assuming the import is done in a .ts file that is included in the user's tsconfig.json.</p> <p>It's also (still) possible to import the matchers directly without side effects:</p> <p>import * as matchers from '<code>@testing-library/jest-dom/</code>matchers'</p> <ul> <li>Update kcd-scripts</li> <li>Drop node < 14</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/testing-library/jest-dom/commit/4b764b9f6a7b564d7f8ec0e9b0c6ba9cc875f2b8"><code>4b764b9</code></a> feat: local types, supporting jest, <code>@jest/globals</code>, vitest (<a href="https://github.com/testing-library/jest-dom/issues/511">#511</a>)</li> <li>See full diff in <a href="https://github.com/testing-library/jest-dom/compare/v5.17.0...v6.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@testing-library/jest-dom&package-manager=npm_and_yarn&previous-version=5.17.0&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name> dependency` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name> dependency` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ansh Goyal <[email protected]>

## Which problem is this PR solving? -  ## Description of the changes - ## How was this change tested? - ## Checklist - [ ] I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md - [ ] I have signed all commits - [ ] I have added unit tests for the new functionality - [ ] I have run lint and test steps successfully - for `jaeger`: `make lint test` - for `jaeger-ui`: `yarn lint` and `yarn test` --------- Signed-off-by: Pavol Loffay <[email protected]> Co-authored-by: Yuri Shkuro <[email protected]> Signed-off-by: Ansh Goyal <[email protected]>

…an kinds (jaegertracing#1681) ## Which problem is this PR solving? Resolves jaegertracing#660 ## Description of the changes VirtualizedTraceView now checks if kind is producer. ## How was this change tested? I changed HotROD MySQL kind to producer and then tested it. ## Checklist - [x] I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md - [x] I have signed all commits - [x] I have added unit tests for the new functionality - [x] I have run lint and test steps successfully - for `jaeger`: `make lint test` - for `jaeger-ui`: `yarn lint` and `yarn test` ![image](https://github.com/jaegertracing/jaeger-ui/assets/110763795/a28ca271-a4f7-422c-be28-49323ab3b62e) Signed-off-by: wck-iipi <[email protected]> Co-authored-by: Yuri Shkuro <[email protected]> Signed-off-by: Ansh Goyal <[email protected]>

part of jaegertracing#1672 ## What changes is this PR making? - This PR removes the unused packages from packages/jaeger-ui - The removed packages are: - `@svgr/babel-plugin-transform-svg-component` - `@svgr/babel-preset` - `@types/testing-library__jest-dom` - `@types/react-copy-to-clipboard` - `@types/recompose` - `tar` ## Checklist - [x] I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md - [x] I have signed all commits - [x] I have added unit tests for the new functionality - [x] I have run lint and test steps successfully - for `jaeger`: `make lint test` - for `jaeger-ui`: `yarn lint` and `yarn test` Signed-off-by: Ansh Goyal <[email protected]>

Signed-off-by: Ansh Goyal <[email protected]>

Related to: jaegertracing#1675 and jaegertracing#1672  ## What changes is this PR making? - This PR removes the unused packages from packages/jaeger-ui - The removed packages are: - `@svgr/babel-plugin-transform-svg-component` - `@svgr/babel-preset` - `@types/react-dom` - `@types/react-router-redux` ## Description of the changes - As per the discussion jaegertracing#1226 (comment), and the manual check. Previously, I was reluctant in removing `@types/react-dom` and `@types/react-router-redux` because their corresponding packages are used, but I gave them a test by removing: - run `yarn lint` - no errors - remove these two packages and again run `yarn lint` - no errors - maybe linter is not working correctly, so removed `@types/react-window` - run `yarn lint` - type errors - added back `@types/react-window` and run `yarn lint` - no errors - Thus, these two deps aren't needed ## How was this change tested? - By running yarn lint and yarn test ## Checklist - [x] I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md - [x] I have signed all commits - [x] I have added unit tests for the new functionality - [x] I have run lint and test steps successfully - for `jaeger`: `make lint test` - for `jaeger-ui`: `yarn lint` and `yarn test` --------- Signed-off-by: Ansh Goyal <[email protected]>

Signed-off-by: Ansh Goyal <[email protected]>

## Which problem is this PR solving? - This PR adds the following deps because they were missing and being used inside .tsconfig file. - @typescript-eslint/eslint-plugin - @typescript-eslint/parser - eslint-config-prettier - Removes the following packages because of no-usage - enzyme - jest - webpack-cli ## Checklist - [x] I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md - [x] I have signed all commits - [x] I have added unit tests for the new functionality - [x] I have run lint and test steps successfully - for `jaeger`: `make lint test` - for `jaeger-ui`: `yarn lint` and `yarn test` --------- Signed-off-by: Ansh Goyal <[email protected]>

Signed-off-by: Ansh Goyal <[email protected]>

Co-authored-by: Yuri Shkuro <[email protected]> Signed-off-by: Ansh Goyal <[email protected]>

Signed-off-by: Ansh Goyal <[email protected]>

yurishkuro · 2023-08-16T13:40:29Z

scripts/run-depcheck.sh

+
+# Create a temporary depcheckrc file for 'jaeger-ui'
+tempfile_jaeger=$(mktemp /tmp/depcheckrc.XXXXXX.json)
+node scripts/generateDepcheckrcJaegerUI.js "$tempfile_jaeger"


you could've done this more "unixy" by writing to stdout from the Node script and redirecting here to the temp file. This way there would be fewer dependencies between the steps, the Node script is easier to debug, and it would be simpler (no writing to files).

I was earlier thinking of the same to redirect the output using > operator in Unix.
Would create a sister PR to rectify the same.

anshgoyalevil · 2023-08-16T13:55:43Z

Thanks @yurishkuro for guiding throughout and reviewing at each step 🚀

anshgoyalevil requested review from everett980 and rubenvp8510 as code owners August 14, 2023 11:06

yurishkuro reviewed Aug 14, 2023

View reviewed changes