Issue 6717 - Part 2: run qunit in headless firefox

package.json

Index: package.json
diff --git a/package.json b/package.json
index 63e144b1babbd3e1819169d956af067e2159b858..a9b3eff35f27869b9f825f2701df890da44b5ecc 100644
--- a/package.json
+++ b/package.json
@@ -4,11 +4,19 @@
   "license": "GPL-3.0",
   "dependencies": {},
   "devDependencies": {
+    "dmg": "0.1.0",
     "eslint": "^5.1.0",
-    "eslint-config-eyeo": "^2.1.0"
+    "eslint-config-eyeo": "^2.1.0",
+    "extract-zip": "1.6.5",
+    "geckodriver": "^1.9.0",
+    "ncp": "2.0.0",
+    "nodeunit": "0.9.1",

[Sebastian Noack, 2018/08/22 18:16:38]

Any reason you pin exact versions for dmg, extract-zip, ncp and nodeunit?

Can you please also explain why each of these packages are required? The only
new module I see you import is "selenium-webdriver", and "nodeunit" is invoked
below, I guess "geckodriver" is a peer dependency, but it doesn't occur to me
why any of the other packages needs to be made an explicit dependency.

[hub, 2018/08/22 19:21:08]

For "dmg" it is the exact same as in adblockpluscore.
"dmg" is needed to unpack Firefox on macOS. I'm sure we can use ^0.1.0 instead.
(see firefox_download.js in adblockpluscore).

[Sebastian Noack, 2018/08/22 20:06:43]

Acknowledged, but what is about the other dependencies?

[tlucas, 2018/08/22 20:24:00]

No real reason, besides following Hubert's suggestion (and the package.json from
adblockpluscore pins to the same version). If requested, i can switch to "gte".

The other packages, i.e. "ncp" and "extract-zip" are required for
adblockpluscore/test/download_firefox.js. This script is executed once, when no
Firefox is present on the executing machine (invoked by test/firefox.js:50).
Since those packages are only devDependencies for adblockpluscore and
ensure_dependencies.py doesn't install those, setting the NODE_PATH is
unfortunately not an option.

[Sebastian Noack, 2018/08/22 20:54:34]

The canonical way to refer to a dependency's version in package.json is to use ^
(meaning latest compatible version), unless there is an actual requirement to
pin an old version. If there is none, we should rather update package.json in
adblockpluscore as well than further spreading this arbitrary pattern.

Can we have comments in here? If so we also might want to indicate where those
non-obvious dependencies come from.

[tlucas, 2018/08/23 08:47:27]

Adjusted the pinnings.

I also found a way to add comment-ish data, please let me know if that's ok.

+    "selenium-webdriver": "^3.6.0"
   },
   "scripts": {
-    "lint": "eslint *.js lib/ qunit/ ext/",
+    "lint": "eslint *.js lib/ qunit/ ext/ test/",
+    "run_tests": "nodeunit test/*",
+    "test": "_run () { python build.py devenv -t $1; npm run run_tests ; } ; _run",
     "posttest": "npm run lint"
   }
 }