Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: upgrade some other packages to fix dependabot alerts #126

Merged
merged 1 commit into from
May 26, 2021
Merged

fix: upgrade some other packages to fix dependabot alerts #126

merged 1 commit into from
May 26, 2021

Conversation

wschurman
Copy link
Member

Why

https://github.com/expo/entity/security/dependabot

I verified that all dependencies with alerts are used only in dev tools and not as runtime dependencies.

How

Fixes handlebars, ssri dependabot alerts (dev-tools-only dependencies, didn't affect prod code):

Test Plan

yarn typedoc, run a lerna script

@wschurman wschurman requested a review from ide May 26, 2021 18:18
@codecov
Copy link

codecov bot commented May 26, 2021
edited
Loading

Codecov Report

Merging #126 (fc790db) into master (4cba01e) will not change coverage.
The diff coverage is 100.00%.

❗ Current head fc790db differs from pull request most recent head affee2f. Consider uploading reports for the commit affee2f to get more accurate results
Impacted file tree graph

@@           Coverage Diff           @@
##           master     #126   +/-   ##
=======================================
  Coverage   95.31%   95.31%           
=======================================
  Files          70       70           
  Lines        1772     1772           
  Branches      208      208           
=======================================
  Hits         1689     1689           
  Misses         81       81           
  Partials        2        2
Flag Coverage Δ
integration 95.31% <100.00%> (ø)
unittest 95.31% <100.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...-adapter-knex/src/PostgresEntityDatabaseAdapter.ts 100.00% <ø> (ø)
...ter-knex/src/PostgresEntityQueryContextProvider.ts 100.00% <ø> (ø)
...-adapter-knex/src/errors/wrapNativePostgresCall.ts 100.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7c43edf...affee2f. Read the comment docs.

@wschurman wschurman requested a review from jkhales May 26, 2021 18:22
Base automatically changed from @wschurman/upgrade-ioredis-knex to master May 26, 2021 20:59
@wschurman wschurman force-pushed the @wschurman/upgrade-ioredis-knex-2 branch from fc790db to affee2f Compare May 26, 2021 20:59
@wschurman wschurman merged commit 226bffe into master May 26, 2021
@wschurman wschurman deleted the @wschurman/upgrade-ioredis-knex-2 branch May 26, 2021 21:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ide ide ide approved these changes

@jkhales jkhales Awaiting requested review from jkhales

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wschurman @ide