This is an automated email from the ASF dual-hosted git repository. rusackas pushed a commit to branch fix/pin-transitive-deps in repository https://gitbox.apache.org/repos/asf/superset.git
commit 23f619a7de6130ea4d06d577277daf4d4d6cc09c Author: Evan Rusackas <[email protected]> AuthorDate: Mon Jan 26 09:42:49 2026 -0800 fix(deps): pin query-string and global-box to prevent ESM resolution issues When npm regenerates the lockfile (e.g., during Dependabot updates), peer dependencies can be resolved to different versions: - query-string >=5.1.1 was resolving to 9.x (ESM-only) instead of 6.x - global-box was being dropped entirely from the dependency tree This caused CI failures: - Jest: SyntaxError: Cannot use import statement outside a module - Storybook: Module not found: Error: Can't resolve 'global-box' Fix by adding these as explicit dependencies with pinned versions: - query-string: 6.14.1 (CommonJS version) - global-box: 2.0.2 Co-Authored-By: Claude Opus 4.5 <[email protected]> --- superset-frontend/package-lock.json | 10 +++------- superset-frontend/package.json | 2 ++ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/superset-frontend/package-lock.json b/superset-frontend/package-lock.json index da456922b1b..9a78a0bd5c3 100644 --- a/superset-frontend/package-lock.json +++ b/superset-frontend/package-lock.json @@ -79,6 +79,7 @@ "geostyler-openlayers-parser": "^4.3.0", "geostyler-style": "7.5.0", "geostyler-wfs-parser": "^2.0.3", + "global-box": "2.0.2", "googleapis": "^170.1.0", "immer": "^11.1.3", "interweave": "^13.1.1", @@ -97,6 +98,7 @@ "nanoid": "^5.1.6", "ol": "^7.5.2", "prop-types": "^15.8.1", + "query-string": "6.14.1", "re-resizable": "^6.11.2", "react": "^17.0.2", "react-checkbox-tree": "^1.8.0", @@ -28671,7 +28673,6 @@ "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.2.tgz";, "integrity": "sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ==", "license": "MIT", - "peer": true, "engines": { "node": ">=0.10" } @@ -32547,7 +32548,6 @@ "resolved": "https://registry.npmjs.org/filter-obj/-/filter-obj-1.1.0.tgz";, "integrity": "sha512-8rXg1ZnX7xzy2NGDVkBVaAy+lSlPNwad13BtgSlLuxfIslyt5Vg64U7tFcCt4WS1R0hvtnQybT/IyCkGZ3DpXQ==", "license": "MIT", - "peer": true, "engines": { "node": ">=0.10.0" } @@ -34610,8 +34610,7 @@ "version": "2.0.2", "resolved": "https://registry.npmjs.org/global-box/-/global-box-2.0.2.tgz";, "integrity": "sha512-vVSNq3+oEEqG565ProXN7iKHcK8hehtbXNLjsOmywHDTBXlwgP/Bt1Soqf4NGeOq3W3u1o7UE3t0RgiNG0BTkQ==", - "license": "Apache-2.0", - "peer": true + "license": "Apache-2.0" }, "node_modules/global-directory": { "version": "4.0.1", @@ -49059,7 +49058,6 @@ "resolved": "https://registry.npmjs.org/query-string/-/query-string-6.14.1.tgz";, "integrity": "sha512-XDxAeVmpfu1/6IjyT/gXHOl+S0vQ9owggJ30hhWKdHAsNPOcasn5o9BW0eejZqL2e4vMjhAxoW3jVHcD6mbcYw==", "license": "MIT", - "peer": true, "dependencies": { "decode-uri-component": "^0.2.0", "filter-obj": "^1.1.0", @@ -54464,7 +54462,6 @@ "resolved": "https://registry.npmjs.org/split-on-first/-/split-on-first-1.1.0.tgz";, "integrity": "sha512-43ZssAJaMusuKWL8sKUBQXHWOpq8d6CfN/u1p4gUzfJkM05C8rxTmYrkIPTXapZpORA6LkkzcUulJ8FqA7Uudw==", "license": "MIT", - "peer": true, "engines": { "node": ">=6" } @@ -54998,7 +54995,6 @@ "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-2.0.0.tgz";, "integrity": "sha512-QwiXZgpRcKkhTj2Scnn++4PKtWsH0kpzZ62L2R6c/LUVYv7hVnZqcg2+sMuT6R7Jusu1vviK/MFsu6kNJfWlEQ==", "license": "MIT", - "peer": true, "engines": { "node": ">=4" } diff --git a/superset-frontend/package.json b/superset-frontend/package.json index 01a739c31e9..f6cbb54d44e 100644 --- a/superset-frontend/package.json +++ b/superset-frontend/package.json @@ -160,6 +160,7 @@ "geostyler-openlayers-parser": "^4.3.0", "geostyler-style": "7.5.0", "geostyler-wfs-parser": "^2.0.3", + "global-box": "2.0.2", "googleapis": "^170.1.0", "immer": "^11.1.3", "interweave": "^13.1.1", @@ -178,6 +179,7 @@ "nanoid": "^5.1.6", "ol": "^7.5.2", "prop-types": "^15.8.1", + "query-string": "6.14.1", "re-resizable": "^6.11.2", "react": "^17.0.2", "react-checkbox-tree": "^1.8.0",
