Skip to content

refactor: remove unused dependencies and replace lodash with native JavaScript#272

Merged
eablack merged 2 commits intomainfrom
eb/clean-up-dependencies
Mar 16, 2026
Merged

refactor: remove unused dependencies and replace lodash with native JavaScript#272
eablack merged 2 commits intomainfrom
eb/clean-up-dependencies

Conversation

@eablack
Copy link
Contributor

@eablack eablack commented Mar 13, 2026

Summary

This PR removes unused dependencies and replaces lodash utilities with native JavaScript implementations to reduce bundle size, simplify the codebase, and fix security vulnerabilities.

Changes:

  • Removed lodash.sortby and @types/lodash.sortby - replaced with native Array.sort() in kafka:info command
  • Removed chai-as-promised - refactored tests in test/lib/clusters-test.ts to use native async/await patterns with try/catch
  • Removed ts-node configuration from tsconfig.json (project uses tsx instead via NODE_OPTIONS)
  • Fixed high severity security vulnerability in flatted package via npm audit fix

Remaining vulnerabilities:

  • 2 low severity DoS vulnerabilities in diff package (mocha dependency) - acceptable as they only affect test environment and require malicious test input

Type of Change

Patch Updates (patch semver update)

  • refactor: Refactoring existing code without changing behavior
  • deps: Dependency upgrade

Testing

Notes:

All existing tests pass without modification to test behavior.

Steps:

  1. Passing CI suffices - all 185 tests pass
  2. Verified build completes successfully
  3. Verified no breaking changes to functionality

Related Issues

Part of ongoing effort to modernize the codebase and reduce unnecessary dependencies.

@eablack
refactor: remove unused dependencies and replace lodash with native J…
c5fa0a4 
…avaScript

Remove unused dependencies (lodash.sortby, chai-as-promised, ts-node) and replace with native implementations to reduce bundle size and simplify the codebase.

- Replace lodash.sortby with native Array.sort() in kafka:info command
- Refactor chai-as-promised tests to use native async/await patterns
- Remove ts-node configuration (using tsx instead)
- Fix high severity security vulnerability in flatted package
@eablack eablack requested a review from a team as a code owner March 13, 2026 22:21
michaelmalave
michaelmalave approved these changes Mar 13, 2026
View reviewed changes
Copy link
Contributor

@michaelmalave michaelmalave left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice removal, LGTM!

@eablack eablack merged commit a4eabfe into main Mar 16, 2026
8 checks passed
@eablack eablack deleted the eb/clean-up-dependencies branch March 16, 2026 04:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelmalave michaelmalave michaelmalave approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eablack @michaelmalave