Summary:
Bumps [js-base64](https://github.com/dankogai/js-base64) from 3.7.4 to 3.7.5.
<details>
<summary>Commits</summary>
<ul>
<li><a href="7e790b799e"><code>7e790b7</code></a> version 3.7.5</li>
<li><a href="f729053682"><code>f729053</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dankogai/js-base64/issues/167">https://github.com/facebook/flipper/issues/167</a> from ctomacheski/main</li>
<li><a href="a9a994f367"><code>a9a994f</code></a> improve performance by stop using the mapFn param on Uint8Array.from constructor</li>
<li>See full diff in <a href="https://github.com/dankogai/js-base64/compare/3.7.4...3.7.5">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4519
Reviewed By: mweststrate
Differential Revision: D43305193
Pulled By: ivanmisuno
fbshipit-source-id: e10eb134c079951e325c1f4d627eb1e60510c12d
Summary: Combining a bunch of individual tasks for dep upgrades into one diff.
Reviewed By: ivanmisuno
Differential Revision: D42706074
fbshipit-source-id: 054b2545ad1295699f47f4c6eb5065b7b9a1d6a0
Summary: Move flipper local deps to prod deps, so yarn installs them later when we build a bundle
Reviewed By: lblasa
Differential Revision: D39475545
fbshipit-source-id: 5b61d15b45ee315c3b35d8e6836c114b90503b1a
Summary: Flipper server itself requires no babel transforms. We applied extra transforms only for the bundled plugins. However, we pack and ship all plugins in the /static folder. They are always available on the FS. Therefore we could stop bundling any plugins into flipper-server's source code.
Reviewed By: lblasa
Differential Revision: D38910251
fbshipit-source-id: b3e9fe5ae2ab69ce5579b01b6793ebf7e88baf66
Summary:
flipper-server-companion depends on flipper-plugin. flipper-plugin includes dependencies that run only in a browser. Splitting flipper-plugin into core and browser packages helps to avoid including browser-only dependencies into flipper-server bundle.
As a result, bundle size could be cut in half. Subsequently, RSS usage drops as there is twice as less code to process for V8.
Note: it currently breaks external flipper-data-source package. It will be restored in subsequent diffs
Reviewed By: lblasa
Differential Revision: D38658285
fbshipit-source-id: 751b11fa9f3a2d938ce166687b8310ba8b059dee
Summary:
This changes moves most of the functionality found in flipper-server to flipper-server-core.
flipper-server will mostly be a package that wraps around flipper-server-core. Staying in flipper-server:
- Command line args
- Orchestration to start the necessary servers
Reviewed By: aigoncharov
Differential Revision: D36807087
fbshipit-source-id: f29002c7cc5d08b8c5184fdaaa02ba22562a9f45
Summary:
Bumps [ws](https://github.com/websockets/ws) from 8.5.0 to 8.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p>
<blockquote>
<h2>8.6.0</h2>
<h1>Features</h1>
<ul>
<li>Add the ability to remove confidential headers on a per-redirect basis (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/2030">https://github.com/facebook/flipper/issues/2030</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ba214d9693"><code>ba214d9</code></a> [dist] 8.6.0</li>
<li><a href="8e3f1181f2"><code>8e3f118</code></a> [feature] Introduce the <code>'redirect'</code> event (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/2030">https://github.com/facebook/flipper/issues/2030</a>)</li>
<li><a href="69e682806d"><code>69e6828</code></a> [ci] Test on node 18</li>
<li><a href="0b6eb71665"><code>0b6eb71</code></a> [ci] Do not test on node 17</li>
<li><a href="d062ded622"><code>d062ded</code></a> [example] Fix require path</li>
<li><a href="2cf6202f8a"><code>2cf6202</code></a> [example] Use the <code>WebSocket.WebSocket{,Server}</code> aliases</li>
<li><a href="62e9b199ad"><code>62e9b19</code></a> [doc] Fix nits</li>
<li><a href="2619c003ce"><code>2619c00</code></a> [minor] Fix nit in comment</li>
<li><a href="d086f4bcbb"><code>d086f4b</code></a> [minor] Make <code>abortHandshake()</code> emit the error in the next tick</li>
<li><a href="ff80d665f9"><code>ff80d66</code></a> [test] Do not use a relative URL</li>
<li>Additional commits viewable in <a href="https://github.com/websockets/ws/compare/8.5.0...8.6.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/3708
Reviewed By: timur-valiev
Differential Revision: D36371198
Pulled By: mweststrate
fbshipit-source-id: df9befdb3f95be2b8c564f87287bd8621e3a0c59
Summary: Expose uuid from flipper-common as it is required in multiple packages
Reviewed By: lblasa
Differential Revision: D36441889
fbshipit-source-id: 1fa539cb437976dbefe7d5d9a52e5e098a6402a7
Summary:
Currently, Flipper Server has a few productions dependencies (mac-ca, node-fetch) that are not bundled with the Flipper Server. It makes it harder to distribute Flipper Server, as now all potential consumers need not only to download the bundle, but also install these additional dependencies.
This diff makes it possible to bundle `mac-ca` and `node-fetch` with Flipper Server. As a result, Flipper Server becomes dependency-free in production.
Reviewed By: lblasa
Differential Revision: D36345213
fbshipit-source-id: 2cd6ba1b3301b45dc2295891964ba020fd107586
Summary: More bumps for patch and minor releases. allow-large-files
Reviewed By: aigoncharov
Differential Revision: D36104098
fbshipit-source-id: 6db995e660afbe4febd72aa70ed8150cc16a8c93
Summary: Caused some inconsistencies when running `tsc`. This brings them back in line.
Reviewed By: aigoncharov
Differential Revision: D36101548
fbshipit-source-id: b8f757c59f879911c9b0920fe11396246ffa37e2
Summary:
- Support loading globally installed DevTools
Background:
1. Initially, I wanted to use react-devtools-core as before. react-devtools-core standalone contains quite a few imports of node.js APIs. After [a conversation with Brian](https://fb.workplace.com/groups/react.devtools/permalink/3131548550392044), I pivoted to react-devtools-inline
2. Technical design doc of react-devtools-inline integration: https://docs.google.com/document/d/1STUSUhXzrW_KkvqSu7Ge-rxjVFF7oU3_NbwzimkO_Z4
3. We support usage of globally installed devtools. Code of react-devtools-inline is not ready to be used by the browser as is. We need to bundle it and substitute React and ReactDOM imports with the globals.
4. As we can't pre-compile what users install globally, we need to bundle global devtools on demand,
5. I tried re-using our Metro bundling pipeline initially, but gave up after fighting it for 2 days. Included, `rollup` instead.
6. Size of a `tgz` archive with a plugin is 2.1MB
allow-large-files
Reviewed By: mweststrate
Differential Revision: D34968770
fbshipit-source-id: 352299964ccc195b8677dbda47db84ffaf38737b
Summary:
New round of releases and PRs came up, so bumping again.
Very selective Metro update as some dependencies don't play well together. A bunch of other dependencies use ESM and fail at various stages of the build or runtime process.
Reviewed By: mweststrate
Differential Revision: D34688830
fbshipit-source-id: 2ff5c46c253b814140f634a986ba0d246e9b0945
Summary:
Combining a bunch of dependabot PRs.
N.B. I had to manually clean up the `yarn.lock` a few times because some dependencies resolved to multiple version numbers, catching tsc off-guard.
allow-large-files
Reviewed By: nikoant
Differential Revision: D34579180
fbshipit-source-id: a4848e1010ff240d9b0e721d3878585e7b4bd078
Summary: Provide server add-on writers with a well-known fetch API
Reviewed By: mweststrate
Differential Revision: D34447630
fbshipit-source-id: 70386940c12f9e53aa97b3530a7edf1d40b5f2e2
Summary: Flipper plugins rely on 'flipper-plugin' package being accessible from 'global'. Expose a subset (without UI stuff) of flipper-plugin to server add-ons
Reviewed By: mweststrate
Differential Revision: D34400811
fbshipit-source-id: e0079ddfa67e66c1b24ab02d7682917ddfc84aaf
Summary:
Pull Request resolved: https://github.com/facebook/flipper/pull/3240
Bumps [ws](https://github.com/websockets/ws) from 7.5.6 to 8.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p>
<blockquote>
<h2>8.4.0</h2>
<h1>Features</h1>
<ul>
<li>Added ability to generate custom masking keys (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1990">https://github.com/facebook/flipper/issues/1990</a>).</li>
</ul>
<h2>8.3.0</h2>
<h1>Features</h1>
<ul>
<li>Added ability to pause and resume a <code>WebSocket</code> (0a8c7a9c).</li>
</ul>
<h1>Bug fixes</h1>
<ul>
<li>Fixed a bug that could prevent the connection from being closed cleanly when
using the stream API (ed2b8039).</li>
<li>When following redirects, an error is now emitted and not thrown if the
redirect URL is invalid (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1980">https://github.com/facebook/flipper/issues/1980</a>).</li>
</ul>
<h2>8.2.3</h2>
<h1>Bug fixes</h1>
<ul>
<li>When context takeover is enabled, messages are now compressed even if their size
is below the value of the <code>perMessageDeflate.threshold</code> option (41ae5631).</li>
</ul>
<h2>8.2.2</h2>
<h1>Bug fixes</h1>
<ul>
<li>Some closing operations are now run only if needed (ec9377ca).</li>
</ul>
<h2>8.2.1</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed an issue where the socket was not resumed, preventing the connection
from being closed cleanly (869c9892).</li>
</ul>
<h2>8.2.0</h2>
<h1>Features</h1>
<ul>
<li>Added <code>WebSocket.WebSocket</code> as an alias for <code>WebSocket</code> and
<code>WebSocket.WebSocketServer</code> as an alias for <code>WebSocket.Server</code> to fix name
consistency and improve interoperability with the ES module wrapper (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1935">https://github.com/facebook/flipper/issues/1935</a>).</li>
</ul>
<h2>8.1.0</h2>
<h1>Features</h1>
<ul>
<li>Added ability to skip UTF-8 validation (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1928">https://github.com/facebook/flipper/issues/1928</a>).</li>
</ul>
<h1>Bug fixes</h1>
<ul>
<li>Fixed an issue with a breaking change in Node.js master (6a72da3e).</li>
<li>Fixed a misleading error message (c95e695d).</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="00c34d726d"><code>00c34d7</code></a> [dist] 8.4.0</li>
<li><a href="35d45c2a4f"><code>35d45c2</code></a> [perf] Skip masking and unmasking if the masking key is zero</li>
<li><a href="eb2e3a84a1"><code>eb2e3a8</code></a> [feature] Introduce the <code>generateMask</code> option</li>
<li><a href="c82b08737f"><code>c82b087</code></a> [dist] 8.3.0</li>
<li><a href="0a8c7a9c4f"><code>0a8c7a9</code></a> [api] Add <code>WebSocket#pause()</code> and <code>WebSocket#resume()</code></li>
<li><a href="ed2b803905"><code>ed2b803</code></a> [fix] Resume the socket in the <code>CLOSING</code> state</li>
<li><a href="b8186dd115"><code>b8186dd</code></a> [fix] Do not throw if the redirect URL is invalid (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1980">https://github.com/facebook/flipper/issues/1980</a>)</li>
<li><a href="5a905e49be"><code>5a905e4</code></a> [minor] Add missing label to the issue form</li>
<li><a href="89d81e8670"><code>89d81e8</code></a> [minor] Fix nit</li>
<li><a href="4916d03ad8"><code>4916d03</code></a> [minor] Allow to write frames with up to 2^48 - 1 bytes of data (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1973">https://github.com/facebook/flipper/issues/1973</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/websockets/ws/compare/7.5.6...8.4.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/3218
Reviewed By: antonk52, timur-valiev
Differential Revision: D33348279
Pulled By: nikoant
fbshipit-source-id: c245f53556e8f58ba1df619d3d0e106e8e5b1911
Summary:
Over time we collected a lot of harcoded resolutions, but it is really hard to get signal about their sanity:
* some resolutions generate a lot of yarn warnings as they resolve with a different major than required, and it's really hard to tell whether they actually make things worse or better
* some resolutions are for package we don't even use any more
* some resolutions were there to fix type incompatibilities which have been solved now by keeping them uniquely required
* some resolutions are there to fix "security issues" or security issues in transient dependencies that might have been upgraded int he mean time
So this diff radically removes all of them, trusting Github to propose restoring the sane ones of them :). In terms of functionality everything seems to be working at least
Reviewed By: timur-valiev
Differential Revision: D33158981
fbshipit-source-id: 83e74cdbc8e47ccbf554b97620cf7caa2c6599ce
Summary:
This diff removes most deps from the root package.json, which now only contains electron and shared build / test infra structure: lint, prettier, jest, typescript.
This makes it possible to control much better which packages are used where, as all sub packages now have their deps explicitly in their package.json instead of incidentally shared. This allows for example to disable DOM types for all packages by default (flipper-plugin, ui(-core) and app still request it), and in the next diff I hope to add to this that nodeJS types are no longer shared either, so that UI oriented packages will generate compile errors when using Node built-ins
This diff removes most deps that were currently unused, and dedupes a bunch of other ones, so the build should probably be a bit smaller now as well:
{F686704253}
{F686704295}
Reviewed By: antonk52
Differential Revision: D33062859
fbshipit-source-id: 5afaa4f2103d055188382a3370c1fffa295a298a
Summary: This diff moves send intern request from the browser to the server. The reason to make this change is that making such requests from a browser environment causes CORS restrictions to kick in.
Reviewed By: nikoant
Differential Revision: D32835449
fbshipit-source-id: e8e92e51ca963aa50b3c859bb61c2381171e85ae
Summary: This diff stubs all node modules when running in the browser, so that, albeit with a lot of errors and without plugins, the UI loads in a browser. To be continued in the rest of this diff
Reviewed By: antonk52
Differential Revision: D32665705
fbshipit-source-id: 4632e241f59c5b9712a41d01a26878afb01f69b5
Summary: Added a command to let a file be opened by the OS, and some other small bits and pieces to make Flipper browser compatible.
Reviewed By: lblasa
Differential Revision: D32721748
fbshipit-source-id: a4ad1c2f662f4651ddf6c20c57e5af1e123914a8
Summary: Per title. Two new server API's: get-healthchecks, and run-healtcheck. Types have all been moved to flipper-common, so that they can be used by doctor, server-core and ui-core packages. Since it were quite some, moved them into a FlipperDoctor namespace.
Reviewed By: nikoant
Differential Revision: D32720510
fbshipit-source-id: 37aa35cde6ebd58479cf0dffec5b7b2da6d22198
Summary:
Follow up of D32665064, this diff moves all plugin management logic from flipper-ui to flipper-server. Things like downloading, installing, querying new plugins.
Loading plugins is handled separately in the next diff.
Reviewed By: nikoant
Differential Revision: D32666537
fbshipit-source-id: 9786b82987f00180bb26200e38735b334dc4d5c3
Summary:
This diff moves a lot of stuff from the client to the server. This diff is fairly large, as a lot of concept closely relate, although some things have split off to the earlier diffs in the stack, or are still to follow (like making intern requests).
This diff primarily moves reading and storing settings and GKs from client to server (both flipper and launcher settings). This means that settings are no longer persisted by Redux (which only exists on client). Most other changes are fallout from that. For now settings are just one big object, although we might need to separate settings that are only make sense in an Electron context. For example launcher settings.
Reviewed By: passy, aigoncharov
Differential Revision: D32498649
fbshipit-source-id: d842faf7a7f03774b621c7656e53a9127afc6192
Summary:
Standardize WS implementation for JS environments.
Why do we need a separate server implementation for browsers?
Browser targets cannot authenticate via the default certificate exchange flow. For browser targets we verify the origin instead.
Moreover, for already forgotten reasons the initial implementation of the WS server for browsers used a different kind of message structure and added extra `connect`/`disconnect` messages. After examination, it seems the `connect`/`disconnect` flow is redundant.
Major changes:
1. Updated class hierarchy for WS server implementations.
2. Updated browser WS server to support the modern and the legacy protocols.
3. Now a websocket connection with the device is closed on error. The idea is it is highly unlikely to handle any subsequent messages properly once we observe an error. It is better to bail and reconnect. What do you think?
Reviewed By: mweststrate
Differential Revision: D31532172
fbshipit-source-id: f86aa63a40efe4d5263353cc124fac8c63b80e45
Summary: moved `app/src/server` to `flipper-server-core/src` and fixed any fallout from that (aka integration points I missed on the preparing diffs).
Reviewed By: passy
Differential Revision: D31541378
fbshipit-source-id: 8a7e0169ebefa515781f6e5e0f7b926415d4b7e9
Summary:
This diff introduces the packages necessary for Flipper decapitated.
* flipper-common: utilities & types shared between client, server, flipper-plugin
* flipper-server-core: all device & client management goes in here. Basically flipper's backend
* flipper-ui-core: all UI goes in here, as far as it doesn't depend on Electron
* desktop: the Electron app, will load server-core and ui-core, and glue them together, providing implementations for some electron specific stuff like dialgos
* flipper-server: A node process hosting flipper-server-core, that can be connected to over websockets. And probably can serve a browser version of the UI as well.
* flipper-ui-browser: thin wrapper around flipper-ui-core, providing some browser specific behavior / stubs.
* flipper-dump: (might remove later), but want to hack a quick and dirt flipper dump in here, as alternative way to test flipper-server-core.
This diff just creates the packages, but doesn't move any code, so it can be summarized as:
restoftheowl
Reviewed By: nikoant
Differential Revision: D30218646
fbshipit-source-id: 735598a1261a98e584f52504b5eba01ec0afa162
