Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies with old dependencies #250

Merged
merged 8 commits into from
Feb 14, 2022
Merged

Update dependencies with old dependencies #250

merged 8 commits into from
Feb 14, 2022

Conversation

kylelaker
Copy link
Contributor

@kylelaker kylelaker commented Feb 11, 2022
edited

This updates a few React-related packages that themselves have a bunch of outdated packages as dependencies. An npm install after these changes shows 74 vulnerabilities (59 moderate, 15 high). Before these changes, it is 130 vulnerabilities (107 moderate, 21 high, 2 critical). It's not a massive improvement on the high/critical side but I think it unblocks a few more potential updates

@kylelaker kylelaker requested review from hreineck, rgauss, zclarkEDC, bwwalshjr, mikeisen1 and a team and removed request for hreineck and rgauss February 11, 2022 22:09
@kylelaker
Update React Router and Scripts
96542db 
This was a major upgrade for the react-router-dom package and required
some pretty fundamental changes to the way our routing and redirects
work. For the react-scripts, we just needed to add an additional eslint
config package to the package.json
@kylelaker
Cleanup eslint-related packages
028191e 
There are a ton of eslint packages in our `package-lock.json` that we
don't directly use and there are updates to several of them as well.
This updates them to the newest cohesive set (we can't move to eslint 8
yet) possible.
@kylelaker
Update dependencies in example app
0e128aa
@kylelaker
Fix tests by updating Router
da9d655
@kylelaker
Fix linter issues
10415d6
@kylelaker
Fix some downgraded packages
3029212 
A few packages were downgraded and should not have been. This puts them
back to the newest compatible version
@kylelaker
Apply fixes for storybook + cra5
9b18a84
@kylelaker kylelaker mentioned this pull request Feb 14, 2022
Closed
@kylelaker
Copy link
Contributor Author

This PR also applies the same versions from (or removes the need for):

As well as several other packages. By updating react-scripts and fixing the Storybook config, we fix the broken Storybook generation introduced in #242.

zclarkEDC
zclarkEDC reviewed Feb 14, 2022
View reviewed changes
example/src/App.js
@@ -24,7 +24,7 @@ import {
} from "@EasyDynamics/oscal-react-library";
import logo from "./images/logo-header.svg";

const theme = createMuiTheme({
const theme = createTheme({
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

createMuiTheme
If anyone is wondering why this was changed when reviewing: Material UI Migration from V4 to V5

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah exactly. This wasn't necessarily required but it was a noisy warning (and has been for awhile) and hopefully it'll be one less thing to handle in #244

@kylelaker kylelaker merged commit 362becb into develop Feb 14, 2022
@kylelaker kylelaker deleted the feature/update-dependencies branch February 14, 2022 23:27
@kylelaker kylelaker mentioned this pull request Feb 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rgauss rgauss rgauss approved these changes

@zclarkEDC zclarkEDC zclarkEDC approved these changes

@hreineck hreineck Awaiting requested review from hreineck

@bwwalshjr bwwalshjr Awaiting requested review from bwwalshjr

@mikeisen1 mikeisen1 Awaiting requested review from mikeisen1

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kylelaker @rgauss @zclarkEDC