Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update deps #1381

Merged
merged 6 commits into from
Feb 1, 2023
Merged

Update deps #1381

merged 6 commits into from
Feb 1, 2023

Conversation

goosewobbler
Copy link
Contributor

@goosewobbler goosewobbler commented Jan 24, 2023
edited
Loading

Unable to update major version due to ESM requirement:

conf
node-fetch
query-string

It should be possible to upgrade these at some point if we switch to ESM, but Electron will require transpilation to CommonJS for the foreseeable future:

electron/forge#3129 (comment)

  • Added @parcel/core and react-is as these were flagged (by pnpm) as missing peer deps for @parcel/* & styled-components.
  • Removed node-hid override version pinning as ledger has now updated this to 2.1.2
  • Issues in main unit tests with recent ledger updates - similar to this, errors in tests fixed by jest module mapping.

TODO:

  • verify ledger functionality works for dev
  • verify ledger functionality works for prod builds

@goosewobbler goosewobbler added dependencies Pull requests that update a dependency file WIP PRs that are still in progress and not ready for review or merging and removed WIP PRs that are still in progress and not ready for review or merging labels Jan 24, 2023
@goosewobbler goosewobbler modified the milestone: v0.6.0 Jan 26, 2023
mholtzman
mholtzman previously approved these changes Feb 1, 2023
View reviewed changes
@socket-security
Copy link

socket-security bot commented Feb 1, 2023
edited
Loading

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

Ignoring: @lavamoat/allow-scripts@2.3.0, gridplus-sdk@2.4.3, core-js@3.27.2, msgpackr-extract@3.0.0, @parcel/watcher@2.1.0, classic-level@1.2.0, usb@2.5.1, electron@22.0.3, jest@29.4.0, jest-cli@29.4.1

Powered by socket.dev

@goosewobbler
Copy link
Contributor Author

@SocketSecurity ignore @lavamoat/allow-scripts@2.3.0 gridplus-sdk@2.4.3 core-js@3.27.2 msgpackr-extract@3.0.0 @parcel/watcher@2.1.0

@goosewobbler
Copy link
Contributor Author

@SocketSecurity ignore classic-level@1.2.0 usb@2.5.1 electron@22.0.3 jest@29.4.0 jest-cli@29.4.1

@goosewobbler goosewobbler merged commit 90397fc into develop Feb 1, 2023
@goosewobbler goosewobbler deleted the update-deps branch February 1, 2023 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mholtzman mholtzman mholtzman approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@goosewobbler @mholtzman