Project

General

Profile

Actions

Bug #16052

closed

update serialize-javascript and js-yaml packages

Added by Peter Amstutz over 2 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Workbench2
Target version:
Start date:
01/24/2020
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-


Subtasks 1 (0 open1 closed)

Task #16084: Review 16052-update-packagesResolvedPeter Amstutz01/24/2020

Actions
Actions #1

Updated by Peter Amstutz over 2 years ago

  • Description updated (diff)
Actions #2

Updated by Lucas Di Pentima over 2 years ago

  • Status changed from New to In Progress
Actions #3

Updated by Lucas Di Pentima over 2 years ago

Updates at commit 84ef70b - branch 16052-update-packages

By using yarn audit I was able to understand better how the different modules are requested. There're indirect dependencies that require special treatment via a resolutions key on package.json file. See: https://yarnpkg.com/lang/en/docs/selective-version-resolutions/

Actions #4

Updated by Peter Amstutz over 2 years ago

Lucas Di Pentima wrote:

Updates at commit 84ef70b - branch 16052-update-packages

By using yarn audit I was able to understand better how the different modules are requested. There're indirect dependencies that require special treatment via a resolutions key on package.json file. See: https://yarnpkg.com/lang/en/docs/selective-version-resolutions/

This LGTM.

Would it make sense to add yarn audit to our build pipeline somewhere?

Actions #5

Updated by Lucas Di Pentima over 2 years ago

Peter Amstutz wrote:

Would it make sense to add yarn audit to our build pipeline somewhere?

Maybe we can add it as part of the test pipeline. For example checking its errorlevel is >= 8 would fail when issues with priority high or worse are detected: https://legacy.yarnpkg.com/lang/en/docs/cli/audit/#toc-yarn-audit

Actions #6

Updated by Anonymous over 2 years ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF