Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node 20 & dependencies upgrade #165

Merged
merged 3 commits into from
Sep 8, 2024
Merged

Node 20 & dependencies upgrade #165

merged 3 commits into from
Sep 8, 2024

Conversation

lhtdesignde
Copy link
Contributor

@lhtdesignde lhtdesignde commented Sep 4, 2024
edited
Loading

Hi,

the import-map-deployer has a critical vulnerability (openssl:3.0.8-r3/CVE-2023-5363) by using an old node version (14).

So I upgraded to the latest LTS Node Version (20) and did some minor package updates, which also fix some vulnerabilities.
The most vulnerabilities are in jest though. At least 13 critical ones but upgrading that breaks the tests, so I left it for now.

Also the package request is deprecated and needs replacing.

  • Upgraded to Node LTS 20.17.0
  • Package updates
  • workflow packages updates
  • husky fixes (didn't run pre-commit for me)

The PR addresses also following issues:
#157
#164

MilanKovacic
MilanKovacic approved these changes Sep 8, 2024
View reviewed changes
Copy link
Contributor

@MilanKovacic MilanKovacic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Thank you for the contribution.

@MilanKovacic MilanKovacic merged commit 78d6259 into single-spa:main Sep 8, 2024
1 check passed
@joeldenning
Copy link
Member

Thanks for your contribution. This caused a regression bug for Azure Storage users in #167 that was fixed in #168

@lhtdesignde
Copy link
Contributor Author

lhtdesignde commented Sep 25, 2024
edited
Loading

@joeldenning Thanks for fixing that. I looked into upgrading Azure Storage package as well but as soon as I did that, all tests were failing locally. So I didn't. It was a fairly big update with node 20 and I tried to make sure to look into all packages. Azure Storage didn't mention that the current version would not work with node 20 and all tests passed with the version used here. Just to give you my thought process.
Happy to help if there is another need in the future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MilanKovacic MilanKovacic MilanKovacic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lhtdesignde @joeldenning @MilanKovacic