Revert Package Versions #876

HappyViki · 2020-06-30T20:03:51Z

Moment broke after this merge: #873

I'm reverting as much as possible, and only updating packages that need to be updated.

Before: all packages got updated
After:

"webpack-dev-server": "^3.11.0" (as before)
"jest": "^24.7.1"
npx npm-force-resolutions with this in package.json:

  "resolutions": {
    "minimist": "^1.2.3"
  },

Move jest to devDependencies in docs' package.json
Alphabetized some propTypes to resolve eslint errors
Updated setupTestFrameworkScriptFile to setupFilesAfterEnv in package.json to resolve Jest Deprecation Warning

npm audit (only some audits)

# Run  npm update http-proxy --depth 3  to resolve 1 vulnerability
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Denial of Service                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ http-proxy                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ webpack-dev-server [dev]                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ webpack-dev-server > http-proxy-middleware > http-proxy      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1486                            │
└───────────────┴──────────────────────────────────────────────────────────────┘

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ minimist                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ jest [dev]                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ jest > jest-cli > @jest/core > jest-runner > jest-haste-map  │
│               │ > sane > @cnakazawa/watch > minimist                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1179                            │
└───────────────┴──────────────────────────────────────────────────────────────┘

HappyViki · 2020-06-30T22:54:55Z

@sambev Should we use older versions of minimist for some dependancies?
https://www.npmjs.com/advisories/1179

Veronica Eulenberg added 13 commits June 30, 2020 13:49

Pckges to c17feed

e439ed3

package.json

780cd2e

package-lock.json

2d344cc

docs package and package-lock

fc2945e

Move docs jest to dev dep

bd1f22c

Update docs webpack-dev-server pckg

7f24c81

Update jest to latest

6416ef5

revert jest

5dcdae3

did something

a829f73

fix

f8f6c11

install [email protected]

9df1757

alpha prop types

0d138d3

npm-force-resolutions minimist

b59b560

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Revert Package Versions #876

Revert Package Versions #876

HappyViki commented Jun 30, 2020 •

edited

Loading

HappyViki commented Jun 30, 2020 •

edited

Loading

Revert Package Versions #876

Are you sure you want to change the base?

Revert Package Versions #876

Conversation

HappyViki commented Jun 30, 2020 • edited Loading

HappyViki commented Jun 30, 2020 • edited Loading

HappyViki commented Jun 30, 2020 •

edited

Loading

HappyViki commented Jun 30, 2020 •

edited

Loading