CVE-2023-45133 was published two days ago with a critical security vulnerability in `@babel/traverse<7.23.2`. That's not a high risk for this project, but I usually fix CVEs like this anyway by bumping to the latest dependency versions and making other adjustments if necessary.
This time, both my attempts at bumping this dev-dependency unfortunately failed due to `babel-plugin-istanbul` when instrumenting the code for getting the project's code coverage when running tests:
The newer babel versions either consume too much memory for the GitHub CI runners, or the istanbuljs babel plugin hangs forever when bumping the entire babel stack to the latest version, including @babel/core. Annoying... Especially since babel-plugin-istanbul seems to be unmaintained.
NW.js/Chromium should allow us to get the code coverage results natively without code instrumentation via the CDP bridge when running the tests, so istanbul-js is unnecessary and can get removed:
and finally resolve dependabot alert
Don't bump `babel/core` and don't deduplicate `babel/generator`,
as it causes the `test:coverage` run to never finish on GH's CI runners.
The reason for this is likely some kind of incompatibility with
`babel-plugin-istanbul` and its code instrumentation. This still
needs to be debugged and solved in the future.
Alternatively, istanbul-js could be replaced with Chromium's
native v8 code coverage feature and reading the data from the CDP.
See #988