Address CVE-2024-22871 and cleanup older patterns #491
Conversation
There was a problem hiding this comment.
Looks good. I have only 1 smaller comment. The compiler changes are a bit to wrap my head around, but I think I followed along. Perhaps a bit of inline explanation there would be nice.
The removal of the use of an unnecessary atom for the compile-constraints is quite nice.
.gitignore
Outdated
| @@ -17,3 +17,6 @@ figwheel_server.log | |||
| *.iml | |||
| .clj-kondo | |||
| .lsp | |||
| node_modules/* | |||
| package.json | |||
There was a problem hiding this comment.
May not be a bad idea to check both the package*.json files into gh instead for stability. But won't block on it.
There was a problem hiding this comment.
Seems reasonable:
4d0e1dc
I added some comments here: I didn't think commenting on the changes to the TestNode record itself made sense documented inline, so i will cover them here. Previously the testNode compilation was evaluating a structure like: This was odd as the constraints didn't need to be evaluated from what i could see, and were actually adding to bloat in the generated classes, which in turn actually breaks the assertion here: |
package.json
Outdated
| @@ -0,0 +1,5 @@ | |||
| { | |||
| "dependencies": { | |||
There was a problem hiding this comment.
Not that important since we aren't publishing this for any production use, but I'd typically think it should be a "devDependencies" entry.
There was a problem hiding this comment.
shows my lack of experience outside of the clojure side of things, updated here:
e0baa05
No description provided.