Skip to content

chore(site): remove unused dependencies and drop node-fetch#3294

Open
yonib05 wants to merge 4 commits into
strands-agents:mainfrom
yonib05:chore/site-deps-cleanup
Open

chore(site): remove unused dependencies and drop node-fetch#3294
yonib05 wants to merge 4 commits into
strands-agents:mainfrom
yonib05:chore/site-deps-cleanup

Conversation

@yonib05

@yonib05 yonib05 commented Jul 16, 2026

Copy link
Copy Markdown
Member

Description

site/package.json accumulated dependencies that nothing in the site imports, which inflates every npm ci and widens the dependency surface CI and dependabot have to track. This PR trims it down to what the build actually uses.

  • sanitize-html, @types/sanitize-html, and @a2a-js/sdk are removed: zero imports anywhere under site/; the only mentions are prose in .mdx pages (install instructions and package references), which do not need the package installed.
  • typedoc was listed in both dependencies and devDependencies; it stays in devDependencies only (it is a build-time tool for API doc generation).
  • The inlined broken-links checker (scripts/astro-broken-links-checker-check-links.js) now uses the global fetch available since Node 18 instead of node-fetch, which also drops the 8.7MB web-streams-polyfill transitive.
  • express, @types/express, @aws-sdk/client-s3, @opentelemetry/exporter-trace-otlp-http, and @opentelemetry/sdk-trace-node are only imported by code-snippet .ts files under src/content/docs, which are typechecked by the test-snippets harness with its own package.json. test-snippets already declared express, @types/express, and sdk-trace-node; this PR adds the missing client-s3 and otlp exporter there and removes all five from site/package.json, so the snippet-only deps live where the code that imports them is checked.

Net effect: npm install in site/ removes 65 packages. @modelcontextprotocol/sdk stays (imported by blog snippet files); it still pulls express transitively, which is expected.

Lockfile changes are the output of npm install after the package.json edits, no manual edits. Note: regenerating against the file:../strands-ts reference also refreshed a handful of strands-ts transitive pins (bedrock-runtime, anthropic sdk, vitest) that had gone stale in the lockfile; these would resolve identically on any next install.

Related Issues

None

Documentation PR

N/A

Type of Change

Other (please describe): cleanup

Testing

Ran in site/: npm run test (29 files, 453 passed, 2 skipped), npm run typecheck:snippets (passes with the deps moved to test-snippets, after building strands-ts as CI does), and npm run build (845 pages built; the modified broken-links checker ran against the full build and reported no broken links, which exercises its fetch path end to end). Also verified the modified script imports cleanly under plain node.

  • I ran hatch run prepare

Checklist

  • I have read the CONTRIBUTING document
  • I have reviewed and understand every line of code in this PR, including any generated by AI tools, and I can explain why it works
  • My change is focused and reasonably small; I have split unrelated work into separate PRs
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

remove sanitize-html, @types/sanitize-html, and @a2a-js/sdk (zero
imports; only prose mentions in docs), dedupe typedoc into
devDependencies, and switch the inlined broken-links checker to the
global fetch available in node 18+, dropping node-fetch and its
web-streams-polyfill transitive. move express, @types/express,
@aws-sdk/client-s3, and the opentelemetry trace deps to
test-snippets/package.json, where the snippet typecheck that imports
them actually runs.
@yonib05
yonib05 requested a review from a team as a code owner July 16, 2026 03:59
@yonib05
yonib05 requested a review from notowen333 July 16, 2026 03:59
@github-actions github-actions Bot added area-community Related to community and contributor health chore Maintenance tasks, dependency updates, CI changes, refactoring with no user-facing impact typescript Pull requests that update typescript code strands-running labels Jul 16, 2026
Comment thread site/test-snippets/package.json
@github-actions

Copy link
Copy Markdown
Contributor

Assessment: Approve

Clean, well-scoped dependency cleanup. I verified each claim against the branch and everything checks out — removals are safe and the moves land where the importing code is actually typechecked.

Verification notes
  • Unused removals: sanitize-html, @types/sanitize-html, and @a2a-js/sdk have zero imports anywhere under site/ (only .mdx prose references remain, which need no install). ✓
  • typedoc: correctly kept in devDependencies — it's a build-time tool invoked via npx typedoc in scripts/api-generation-typescript.ts. ✓
  • node-fetch → global fetch: the script uses await fetch(...); .node-version is 20.19.0 and engines require node>=20, so global fetch is available. ✓
  • Snippet-only deps moved to test-snippets/: express, @aws-sdk/client-s3, @opentelemetry/exporter-trace-otlp-http, @opentelemetry/sdk-trace-node are all imported under src/content/docs/**, which test-snippets/tsconfig.json includes. @types/express was already present there. The docs/examples/.../bedrock-agentcore file that also imports express has its own package.json, so it's unaffected. ✓
  • Scope: 4 files, focused change.

Two low-severity, non-blocking notes left inline (lockfile transitive bumps, and an sdk-trace-node version discrepancy). Nice reduction in the dependency surface.

@github-actions

github-actions Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Documentation Preview Ready

Your documentation preview has been successfully deployed!

Preview URL: https://d3ehv1nix5p99z.cloudfront.net/pr-cms-3294/docs/user-guide/quickstart/overview/

Updated at: 2026-07-16T21:05:23.282Z

@yonib05
yonib05 enabled auto-merge (squash) July 16, 2026 13:08
@github-actions

Copy link
Copy Markdown
Contributor

Note on site/package-lock.json scope (re-posting — a file-level comment didn't attach)

Issue: Beyond removing the unused deps, the lockfile regen also bumps strands-ts transitive versions unrelated to this change — e.g. @aws-sdk/client-bedrock-runtime 3.1069.03.1078.0, @anthropic-ai/sdk 0.106.00.109.1, vitest 4.1.64.1.10, @ai-sdk/amazon-bedrock 4.0.1284.0.129. These match the current strands-ts/package.json, so they're a side effect of regenerating a stale lockfile against the file:../strands-ts reference rather than manual edits — but they widen the diff past the "remove unused deps" scope.

Suggestion: No code change strictly required (they'd resolve on the next install anyway). Worth a one-line note in the PR description, since it currently states the lockfile is purely the output of the package.json edits. Non-blocking.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area-community Related to community and contributor health chore Maintenance tasks, dependency updates, CI changes, refactoring with no user-facing impact size/l typescript Pull requests that update typescript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant