Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(devDeps): bump webdriverio packages #6328

Merged
merged 9 commits into from
May 11, 2023
Merged

chore(devDeps): bump webdriverio packages #6328

merged 9 commits into from
May 11, 2023

Conversation

legobeat
Copy link
Contributor

@legobeat legobeat commented May 3, 2023
edited

Description

Checklist

  • There is a related GitHub issue
  • Tests are included if applicable
  • Any added code is fully documented

@github-actions
Copy link
Contributor

github-actions bot commented May 3, 2023

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@legobeat legobeat marked this pull request as ready for review May 3, 2023 23:58
@legobeat legobeat requested a review from a team as a code owner May 3, 2023 23:58
@legobeat legobeat added the needs-dev-review PR needs reviews from other engineers (in order to receive required approvals) label May 4, 2023
@legobeat legobeat changed the title Devdeps: bump webdriverio packages chore(devDeps): bump webdriverio packages May 4, 2023
@socket-security
Copy link

socket-security bot commented May 4, 2023
edited

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Ignoring: git-repo-info@2.1.1, @wdio/browserstack-service@7.31.1, @types/gitconfiglocal@2.0.1, gitconfiglocal@2.1.0

Pull request alert summary
Issue Status
Critical CVE ✅ 0 issues
CVE ✅ 0 issues
Mild CVE ✅ 0 issues
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Filesystem access ✅ 0 issues
Network access ✅ 0 issues
Shell access ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
GitHub dependency ✅ 0 issues
No bug tracker ✅ 0 issues
No contributors or author data ✅ 0 issues
No README ✅ 0 issues
Deprecated ✅ 0 issues
New author ✅ 0 issues
Unstable ownership ✅ 0 issues
Non-existent author ✅ 0 issues
Unmaintained ✅ 0 issues
Unpublished package ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
AI detected security risk ✅ 0 issues
AI warning ✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package Capability Access +/- Transitive Count Publisher
@cucumber/messages@22.0.0 None +1 cukebot
⬆️ Updated Package Version Diff Added Capability Access +/- Transitive Count Publisher
@wdio/browserstack-service@7.31.1 7.28.1...7.31.1 network, environment +18/-22 wdio-user
multiple-cucumber-html-reporter@3.4.0 3.0.1...3.4.0 None +2/-3 wasiqb
@wdio/cli@7.31.1 7.25.2...7.31.1 None +12/-12 wdio-user
@wdio/appium-service@7.31.1 7.25.1...7.31.1 None +13/-13 wdio-user
@wdio/local-runner@7.31.1 7.25.2...7.31.1 None +14/-14 wdio-user
@wdio/junit-reporter@7.31.1 7.28.0...7.31.1 None +14/-16 wdio-user
@wdio/cucumber-framework@7.31.1 7.25.1...7.31.1 None +18/-15 wdio-user
@wdio/spec-reporter@7.31.1 7.25.1...7.31.1 None +14/-14 wdio-user

🚮 Removed packages: wdio-chromedriver-service@7.3.2, wdio-cucumber-reporter@0.0.2, wdio-image-comparison-service@3.1.1, wdio-vscode-service@0.1.13

@legobeat
Copy link
Contributor Author

legobeat commented May 4, 2023 

@SocketSecurity ignore @types/gitconfiglocal@2.0.1
@SocketSecurity ignore git-repo-info@2.1.1
@SocketSecurity ignore gitconfiglocal@2.1.0

These can be addressed in v8 upgrade

@legobeat legobeat added the dependencies Pull requests that update a dependency file label May 4, 2023
@legobeat legobeat force-pushed the devdeps-wdio-7-bump branch 2 times, most recently from 741b96d to c201a4e Compare May 4, 2023 23:35
@sethkfman
Copy link
Contributor

@cortisiko after we complete the RN upgrade we should look at this

@legobeat
Copy link
Contributor Author

legobeat commented May 5, 2023

@cortisiko after we complete the RN upgrade we should look at this

Why not the other direction? If anything, I'd see this one as a precursor.

@legobeat
Copy link
Contributor Author

legobeat commented May 5, 2023

@SocketSecurity ignore @wdio/browserstack-service@7.31.1

@legobeat legobeat requested review from sethkfman and leotm May 7, 2023 23:26
@legobeat
devDeps: @wdio/appium-service@7.25.1->7.31.1
eb4a024
@legobeat
devDeps: bump webdriverio packages
b1a6c61 
Maintenance update staying on major version v7.
Upgrading to current [v8](https://github.com/webdriverio/webdriverio/releases/tag/v8.0.0) addressed in a later change.
@legobeat
devDeps: bump @cucumber/ packages
bed1f4b 
Subdeps of wdio framework
@legobeat
devDeps: dedupe open@^8.*
f77024c
@legobeat
devDeps: drop unused wdio-cucumber-reporter
1ae286d 
Unmaintained since 2016 and does not seem to work with currently used
version of webdriverio anyway.

Drops transitive dependency on deprecated babel-runtime v5.
@legobeat
devDeps: remove unused wdio-vscode-service
653ca63
@legobeat
devDeps: remove unused wdio-image-comparison-service
acaca02 
Removes transitive dep on @mapbox/node-pre-gyp
@legobeat
devDeps: remove unused wdio-chromedriver-service
61d40b7
@legobeat
devDeps: add gherkin missing peerDeps @cucumber/message-streams, @cuc…
97d3e46 
…umber/messages
leotm
leotm approved these changes May 11, 2023
View reviewed changes
Copy link
Contributor

@leotm leotm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any adv explicitly tracking @cucumber/message-streams?
alrdy in wdio-related peer deps

├── @cucumber/message-streams@4.0.1
├─┬ @wdio/cucumber-framework@7.31.1
│ ├─┬ @cucumber/cucumber@8.6.0
│ │ ├─┬ @cucumber/gherkin-streams@5.0.1
│ │ │ └── @cucumber/message-streams@4.0.1 deduped
│ │ └── @cucumber/message-streams@4.0.1 deduped
│ └─┬ @cucumber/gherkin-streams@5.0.1
│   └── @cucumber/message-streams@4.0.1 deduped
└─┬ wdio-cucumberjs-json-reporter@4.4.3
  └─┬ @cucumber/gherkin@22.0.0
    └── @cucumber/message-streams@3.0.0

(same for @cucumber/messages)

├─┬ @cucumber/message-streams@4.0.1
│ └── @cucumber/messages@22.0.0 deduped
├── @cucumber/messages@22.0.0
├─┬ @wdio/cucumber-framework@7.31.1
│ ├─┬ @cucumber/cucumber@8.6.0
│ │ ├─┬ @cucumber/gherkin-streams@5.0.1
│ │ │ ├─┬ @cucumber/gherkin@26.0.3
│ │ │ │ └── @cucumber/messages@21.0.1 deduped
│ │ │ └── @cucumber/messages@21.0.1
│ │ ├─┬ @cucumber/gherkin-utils@8.0.0
│ │ │ └── @cucumber/messages@19.1.4
│ │ ├─┬ @cucumber/gherkin@24.0.0
│ │ │ └── @cucumber/messages@19.1.4
│ │ ├─┬ @cucumber/html-formatter@20.0.0
│ │ │ └── @cucumber/messages@19.1.2 deduped
│ │ └── @cucumber/messages@19.1.2
│ ├─┬ @cucumber/gherkin-streams@5.0.1
│ │ └── @cucumber/messages@21.0.1 deduped
│ ├─┬ @cucumber/gherkin@26.0.3
│ │ └── @cucumber/messages@21.0.1
│ └── @cucumber/messages@21.0.1
├─┬ prettier-plugin-gherkin@1.1.1
│ ├─┬ @cucumber/gherkin@24.1.0
│ │ └── @cucumber/messages@19.1.4 deduped
│ └── @cucumber/messages@19.1.4
└─┬ wdio-cucumberjs-json-reporter@4.4.3
  └─┬ @cucumber/gherkin@22.0.0
    ├─┬ @cucumber/message-streams@3.0.0
    │ └── @cucumber/messages@17.1.1 deduped
    └── @cucumber/messages@17.1.1

otherwise thx and lgtm!

@leotm leotm requested a review from NicolasMassart May 11, 2023 10:35
@legobeat
Copy link
Contributor Author

@leotm added them after yarn was complaining so assumed the expected thing would be to add them. Thanks for the thoughtful review.

@legobeat legobeat merged commit 64d2658 into MetaMask:main May 11, 2023
13 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators May 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@leotm leotm leotm approved these changes

@sethkfman sethkfman Awaiting requested review from sethkfman

@NicolasMassart NicolasMassart Awaiting requested review from NicolasMassart

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file needs-dev-review PR needs reviews from other engineers (in order to receive required approvals)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@legobeat @sethkfman @leotm