Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CG vulnerabilities in dependencies #333

Merged
merged 5 commits into from
Jul 15, 2022
Merged

Fix CG vulnerabilities in dependencies #333

merged 5 commits into from
Jul 15, 2022

Conversation

KonstantinTyukalov
Copy link
Contributor

@KonstantinTyukalov KonstantinTyukalov commented Jul 14, 2022
edited
Loading

Description:
What's done:

  • Removed react-scripts package from dependencies since used only in examples projects
  • Bumped Mocha to 6.2.3 version which supports node 6 (support dropped in 7.0.0)
  • Increased mocha timeout for integration tests to prevent flaky errors in local testing
  • Bumped rest client package version to 1.8.10

Risks analysis checklist:

  • There are no risky dependency updates
  • Changes have been tested - ran unit & integration tests locally on node 6.12.0 and 10.15.1
  • Enough test coverage for changes and current test coverage for the task doesn't look poor
  • There are no breaking changes (node 4 support was dropped previously?)
  • There are no other concerns
  • I have not discovered any new uncovered test/use cases

@KonstantinTyukalov KonstantinTyukalov mentioned this pull request Jul 14, 2022
Closed
@KonstantinTyukalov KonstantinTyukalov requested a review from a team July 14, 2022 22:25
@KonstantinTyukalov KonstantinTyukalov merged commit 6387caf into master Jul 15, 2022
@max-zaytsev max-zaytsev deleted the users/KonstantinTyukalov/fix_cg_vulnerabilities branch June 28, 2023 14:10
ajuanjojjj pushed a commit to ajuanjojjj/typed-rest-client that referenced this pull request Jul 5, 2024
@KonstantinTyukalov @ajuanjojjj
Fix CG vulnerabilities in dependencies (microsoft#333)
1584bbb 
* Remove react-scripts from root dependencies

* Increase mocha timeout to 60s for integration tests

* Update package-lock in tests according to main package

* Bump mocha to 6.2.3

* Bump rest client version to 1.8.10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wojgasior wojgasior wojgasior approved these changes

@AndreyIvanov42 AndreyIvanov42 AndreyIvanov42 approved these changes

@vmapetr vmapetr vmapetr approved these changes

@alexander-smolyakov alexander-smolyakov alexander-smolyakov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@KonstantinTyukalov @alexander-smolyakov @vmapetr @AndreyIvanov42 @wojgasior