New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[HOLD for payment 2022-10-26] [$250] Upgrade electron #11204
Comments
Triggered auto assignment to @NicMendonca ( |
Triggered auto assignment to Contributor-plus team member for initial proposal review - @parasharrajat ( |
Triggered auto assignment to @puneetlath ( |
Proposal:The Electron is upgraded to 20.2.0 locally without any breaking changes. There are 3 breaking changes introduced in 20.2.0. They are
The change should work. If we do not wish to upgrade to 20.0.0 then we can also do step wise upgrade to 18.3.6 easily. |
@puneetlath, @parasharrajat, @NicMendonca Uh oh! This issue is overdue by 2 days. Don't forget to update your issues! |
@parasharrajat thoughts on the proposal? |
Reviewing... |
@smrutiparida Proposal looks good to me. It might be good to upgrade the cc: @flodnv 🎀 👀 🎀 C+ reviewed |
Proposal seems good to me too 👍🏾 |
📣 @smrutiparida You have been assigned to this job by @puneetlath! |
I have applied to this job on upwork now. |
Heads up! We just added live-reload to the main process of Electron on dev. Please make sure that we don't break that. |
@NicMendonca Based on #11324 (comment), It seems @smrutiparida is still not hired on Upwork. Could you please check that? Thank you. |
Oh yeah. Thanks @Luke9389. Looks like we did that here: #11531 @NicMendonca let's go ahead and pay @smrutiparida and @parasharrajat out since they did the work. And then let's close this issue and the PR since they are no longer needed. |
PR is trying to upgrade to v20 of electron. |
Ah, good point. It looks like we've been waiting for @smrutiparida for almost a week now to update their PR. If we don't hear back in the next day, let's just close this out, since the security hole has already been resolved. |
My two cents is that we should close this, because we've already dealt with the security problem. Now we're just upgrading for the sake of upgrading (which we generally don't do without a demonstration of some material benefit). |
That makes sense to me. @NicMendonca let's pay @smrutiparida and @parasharrajat out and close. |
Alternatively, let's just update to the latest stable release |
The solution for this issue has been 🚀 deployed to production 🚀 in version 1.2.17-4 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue: If no regressions arise, payment will be issued on 2022-10-26. 🎊 |
@smrutiparida paid! @parasharrajat please accept the job offer when you get a sec. Thanks! |
There is some issue on Upwork side, I will try to do it asap. |
@parasharrajat I'll set this one to weekly too! |
Were we able to get the payment situation figured out? |
I have accepted the offer. |
@parasharrajat paid! Thanks! |
If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!
Problem
The version of electron in package.json is really outdated, and now has a vulnerability.
Solution
Let's update to the latest if possible, or at least to 18.3.12.
The text was updated successfully, but these errors were encountered: