Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JS] Update nodejs dependencies ahead of schema 1.5 release #6476

Merged
merged 2 commits into from Oct 4, 2021
Merged

[JS] Update nodejs dependencies ahead of schema 1.5 release #6476

merged 2 commits into from Oct 4, 2021

Conversation

paulcam206
Copy link
Member

@paulcam206 paulcam206 commented Oct 3, 2021
edited by ghost

Description

Fix up outdated NPM package dependencies. Includes an update to the latest version of typedoc and a few attendant typedoc.json config file changes.

How Verified

  • local builds (Mac/Linux/Win) and site smoke testing
Microsoft Reviewers: Open in CodeFlow

@paulcam206 paulcam206 added the Platform-JavaScript Bugs or features related to the JavaScript renderer label Oct 3, 2021
@ghost
Copy link

ghost commented Oct 3, 2021

Hi @paulcam206. Thanks for helping make the AdaptiveCards JS renderer + tooling better. As additional verification, once the JS build succeeds, please go to the test site to test out your website/designer changes.

@licanhua
Copy link
Contributor

licanhua commented Oct 4, 2021

For the dependency, do we need to run npm update? I saw a lot of vulnerabilities in current dependency

d:\repo\AdaptiveCards\source\nodejs>npm update --no-save
...
+ @types/react@16.14.16
added 698 packages from 136 contributors, removed 224 packages, updated 1398 packages and audited 2101 packages in 72.618s

88 packages are looking for funding
  run `npm fund` for details

found 445 vulnerabilities (296 moderate, 149 high)
  run `npm audit fix` to fix them, or `npm audit` for details

@paulcam206
Copy link
Member Author

For the dependency, do we need to run npm update? I saw a lot of vulnerabilities in current dependency

d:\repo\AdaptiveCards\source\nodejs>npm update --no-save
...
+ @types/react@16.14.16
added 698 packages from 136 contributors, removed 224 packages, updated 1398 packages and audited 2101 packages in 72.618s

88 packages are looking for funding
  run `npm fund` for details

found 445 vulnerabilities (296 moderate, 149 high)
  run `npm audit fix` to fix them, or `npm audit` for details

looks like these are incorrectly-hoisted dependencies. I'll see if I can get them cleaned up...

@licanhua
Copy link
Contributor

licanhua commented Oct 4, 2021

For the dependency, do we need to run npm update? I saw a lot of vulnerabilities in current dependency

d:\repo\AdaptiveCards\source\nodejs>npm update --no-save
...
+ @types/react@16.14.16
added 698 packages from 136 contributors, removed 224 packages, updated 1398 packages and audited 2101 packages in 72.618s

88 packages are looking for funding
  run `npm fund` for details

found 445 vulnerabilities (296 moderate, 149 high)
  run `npm audit fix` to fix them, or `npm audit` for details

looks like these are incorrectly-hoisted dependencies. I'll see if I can get them cleaned up...

No worry. I'm working on the 2.10.0 npm version change, and I can do audit in my PR

almedina-ms
almedina-ms approved these changes Oct 4, 2021
View reviewed changes
Copy link
Contributor

@almedina-ms almedina-ms left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@paulcam206 paulcam206 merged commit 96ebc33 into main Oct 4, 2021
@paulcam206 paulcam206 deleted the paulcam/npm-deps-update branch October 4, 2021 19:38
@paulcam206
Copy link
Member Author

For the dependency, do we need to run npm update? I saw a lot of vulnerabilities in current dependency

d:\repo\AdaptiveCards\source\nodejs>npm update --no-save
...
+ @types/react@16.14.16
added 698 packages from 136 contributors, removed 224 packages, updated 1398 packages and audited 2101 packages in 72.618s

88 packages are looking for funding
  run `npm fund` for details

found 445 vulnerabilities (296 moderate, 149 high)
  run `npm audit fix` to fix them, or `npm audit` for details

looks like these are incorrectly-hoisted dependencies. I'll see if I can get them cleaned up...

No worry. I'm working on the 2.10.0 npm version change, and I can do audit in my PR

@jonmill - we should schedule some MQ time to clean stuff up... I filed #6481 to track some of the things I noticed while getting these dependencies updated

michaelfarnsworth pushed a commit to michaelfarnsworth/AdaptiveCards that referenced this pull request Nov 10, 2022
@paulcam206 @michaelfarnsworth
[JS] Update nodejs dependencies ahead of schema 1.5 release (microsof…
ed61a23 
…t#6476)

Co-authored-by: Jonathan Miller <jonmil@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@licanhua licanhua licanhua approved these changes

@almedina-ms almedina-ms almedina-ms approved these changes

@jonmill jonmill Awaiting requested review from jonmill

@jwoo-msft jwoo-msft Awaiting requested review from jwoo-msft

@RebeccaAnne RebeccaAnne Awaiting requested review from RebeccaAnne

Assignees
No one assigned
Labels
Platform-JavaScript Bugs or features related to the JavaScript renderer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@paulcam206 @licanhua @almedina-ms