@sgiehl opened this Pull Request on June 10th 2021 Member


Some of the npm dependencies used for screenshot testing keep triggering security warnings.
Even though they aren't used in production it shouldn't hurt to update at least some of them.

Updating mocha might also be useful at some point as it is quite outdated, but that will require various adjustments in our code...


  • [ ] Functional review done
  • [ ] Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
  • [ ] Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
  • [ ] Security review done see checklist
  • [ ] Code review done
  • [ ] Tests were added if useful/possible
  • [ ] Reviewed for breaking changes
  • [ ] Developer changelog updated if needed
  • [ ] Documentation added if needed
  • [ ] Existing documentation updated if needed
@Findus23 commented on June 10th 2021 Member

I guess updating puppeteer should also be useful as Chrome 80.0.3987.0 is quite old now. Maybe we could even automate this somehow so that we notice things that break in newer browsers.

@sgiehl commented on June 10th 2021 Member

The problem with updating puppeteer is that in most cases all screenshots are changing slightly, so we actually can't automate it.
And doing the update takes some time, as you need to look through all changing screenshots in order to check if all changes are "valid". Might be useful to create an issue for that, so we can prioritize that.

@diosmosis commented on June 11th 2021 Member

I guess we could have a github action that does it, say once a month, and just auto commits all the changed screenshots, but only creates a PR. Then someone can review each screenshot and make changes or merge. Would that work?

@sgiehl commented on June 11th 2021 Member

@diosmosis guess that should work. Might be best to create an issue for it

@diosmosis commented on June 12th 2021 Member
This Pull Request was closed on June 11th 2021
Powered by GitHub Issue Mirror