Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update ts-invariant to avoid CSP-violating Function fallback. #7414

Merged
merged 2 commits into from
Dec 4, 2020
Merged

Update ts-invariant to avoid CSP-violating Function fallback. #7414

merged 2 commits into from
Dec 4, 2020

Conversation

benjamn
Copy link
Member

@benjamn benjamn commented Dec 4, 2020
edited
Loading

Includes this ts-invariant PR: apollographql/invariant-packages#53

This update may also help with issues like #7406, where a patch version update (from 0.5.0 to 0.5.1) is apparently not enough to force a dependency like ts-invariant with multiple conflicting version constraints (from @apollo/client and graphql-tools) to be updated, since version 0.5.0 is still semantically compatible with the desired minimum version 0.5.1, so ts-invariant remains outdated after updating @apollo/client, despite the new version being clearly mandated in @apollo/client/package.json.

After updating the minor version of ts-invariant in package.json (to ^0.6.0), there should be no risk of @apollo/client incorrectly resolving the older ts-invariant@0.5.0 version, though there may end up being multiple copies of ts-invariant in node_modules with different versions, which is fine for this particular package.

@benjamn
Update ts-invariant to avoid CSP-violating Function fallback.
435a253 
apollographql/invariant-packages#53

This may also help with issues like #7406, where a _patch_ version update
(from 0.5.0 to 0.5.1) is not enough to force a dependency like
ts-invariant with multiple conflicting version constraints (from
@apollo/client and graphql-tools) to be updated, since version 0.5.0 is
still semantically compatible with the desired minimum version 0.5.1, so
ts-invariant remains outdated after updating @apollo/client, despite the
new version being clearly mandated in @apollo/client/package.json.

After updating the _minor_ version of ts-invariant in package.json (to
^0.6.0), there should be no risk of @apollo/client incorrectly resolving
the older ts-invariant@0.5.0 version.
@benjamn benjamn added this to the Post 3.0 milestone Dec 4, 2020
@benjamn benjamn self-assigned this Dec 4, 2020
hwillson
hwillson approved these changes Dec 4, 2020
View reviewed changes
Copy link
Member

@hwillson hwillson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍 - thanks!

@benjamn benjamn merged commit c3edde4 into main Dec 4, 2020
@benjamn benjamn deleted the update-ts-invariant branch December 4, 2020 20:21
@benjamn benjamn mentioned this pull request Dec 7, 2020
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 16, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hwillson hwillson hwillson approved these changes

@jcreighton jcreighton Awaiting requested review from jcreighton

Assignees

@benjamn benjamn

Labels
🎄 dependencies 🧩 implementation-detail
Projects
None yet
Milestone
Post 3.0
Development

Successfully merging this pull request may close these issues.
2 participants
@benjamn @hwillson