Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: upgrade deps #6400

Merged
merged 10 commits into from
Jun 21, 2018
Merged

chore: upgrade deps #6400

merged 10 commits into from
Jun 21, 2018

Conversation

thymikee
Copy link
Collaborator

@thymikee thymikee commented Jun 5, 2018

Summary

Done with yarn upgrade-interactive + some packages with --latest flag on.
Deps yet to be upgraded separately:

  • React Native example
  • source-map (cc @SimenB, we still cannot use v0.7 because they went async or is not the case anymore?)
  • rollup

Fixes #6040

Test plan

No.

@SimenB
Copy link
Member

SimenB commented Jun 5, 2018

Correct on source-map - still blocked. See mozilla/source-map#331 for status

@thymikee
Copy link
Collaborator Author

thymikee commented Jun 5, 2018

Browser build fails because of slash@2:

/Users/thymikee/Projects/jest/packages/expect/build-es5/index.js
  33203:25  error  Parsing error: Unexpected token >

✖ 1 problem (1 error, 0 warnings)

For reason yet unknown to me it doesn't transpile this arrow function

@thymikee
Copy link
Collaborator Author

thymikee commented Jun 6, 2018

I just downgraded slash for now, someone can fix this later :p

@codecov-io
Copy link

Codecov Report

Merging #6400 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #6400   +/-   ##
=======================================
  Coverage   63.48%   63.48%           
=======================================
  Files         227      227           
  Lines        8697     8697           
  Branches        4        4           
=======================================
  Hits         5521     5521           
  Misses       3175     3175           
  Partials        1        1

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 05bbcc5...4b6ccbf. Read the comment docs.

@@ -4,7 +4,7 @@
"ansi-regex": "^3.0.0",
"ansi-styles": "^3.2.0",
"babel-core": "^6.23.1",
"babel-eslint": "^7.2.3",
"babel-eslint": "^8.2.3",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we not get a peer dep warning from this?

facebook/fbjs#275 hasn't been released yet, has it?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup, we do, missed that. @cpojer might push someone to actually make a release? :p in the meantime I'll revert this change

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you'll need to downgrade eslint as well

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh man

"lerna": "2.9.0",
"micromatch": "^2.3.11",
"lerna": "2.11.0",
"micromatch": "^3.1.10",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought this broke the browser build. Awesome that it seems fixed!

#6040

@SimenB
Copy link
Member

SimenB commented Jun 21, 2018

Could we land this? Seems like it needs a rebase and some lint fix?

@thymikee
Copy link
Collaborator Author

I'll try to iterate on this later today.

@thymikee thymikee force-pushed the chore/upgrade-deps branch from b093ffd to 641d638 Compare June 21, 2018 16:55
@thymikee
Copy link
Collaborator Author

fbjs published a new version in the meantime, so I brought back eslint upgrade

@thymikee
Copy link
Collaborator Author

facebook/fbjs#295

@cpojer cpojer merged commit d1ce3cd into jestjs:master Jun 21, 2018
@thymikee thymikee deleted the chore/upgrade-deps branch June 22, 2018 21:03
thymikee pushed a commit that referenced this pull request Jul 9, 2018
## Summary

As part of #6400, `micromatch` was updated.  While `micromatch`'s CHANGELOG claims that this is safe, several regressions have been noted in cases where users relied upon invalid glob patterns.  For example, these patterns would all match `src/foo/bar/baz.js`, but no longer do:

 - `src/**/*.{js}`
 - `src/**.js`
 - `src/**/*.{js|ts}`

Fixes #6563
Fixes #6546

## Test plan

Unit tests were added which demonstrate the known cases.
@github-actions
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 12, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade micromatch to avoid security vulnerability
5 participants