Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): upgrade eslint to fix semver vulnerability #210

Closed
wants to merge 2 commits into from

Conversation

roggervalf
Copy link

@roggervalf roggervalf commented Aug 10, 2023

also I think it will solve #207 and #208, as new versions do not depend on semver

@roggervalf
Copy link
Author

please @jhnns, when you get some chance

@coveralls
Copy link

Coverage Status

coverage: 98.721%. remained the same when pulling 697ff71 on roggervalf:fix-semver-vulnerability into f5c655a on jhnns:master.

@roggervalf
Copy link
Author

this is weird, I can execute the tests locally without errors
Captura desde 2023-08-10 09-23-36
also I tried to update package-lock using version 1, as it was generated with that version

@roggervalf
Copy link
Author

so it's failing for node 10 because of this change eslint/eslint#14592 base on eslint/eslint#14023. https://community.sonarsource.com/t/drop-of-node-js-10-support-and-deprecation-of-node-js-12-support/59590 node 10 is no longer being supported, so this should be considered as a breaking change, let me update the ci to drop of node 10 as well

@jhnns
Copy link
Owner

jhnns commented Aug 13, 2023

Thank you for your PR. The failing tests were caused by a breaking change in the package-lock file from npm 8 to 9. I decided to remove official Node 10, 12, 14 and 16 support, as it was not possible to run the CI pipeline with this breaking change.

I made all these changes on the master branch as it was easier for me, so I'm closing this one. The ESLint update shipped with rewire v7.0.0.

@jhnns jhnns closed this Aug 13, 2023
@roggervalf roggervalf deleted the fix-semver-vulnerability branch August 13, 2023 21:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants