Update Dependencies for December 2021 #668
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also update some of nokogiri's dependencies, specifically `mini_portile2` and `racc`.
Also update puma's dependency nio4r (2.5.7 to 2.5.8).
Also update better_errors' dependency coderay (1.1.2 to 1.1.3).
Pin to an exact version, 0.0.8, which I have personally verified only contains the desired change, plus package.json metadata changes and updates to README.md. (Pinning means we don't have to trust the independent GitHub user who published the fork, just the content of the patch.) One can do the following commands to download and inspect the contents of the packages themselves, as hosted on the npm package registry... - `npm pack ansi-html@0.0.7` - `npm pack ansi-html-community@0.0.8` Then extract the tarballs and compare the content. See the following for details of the fork and why it was made: - github[dot]com/Tjatse/ansi-html/issues/19 - github[dot]com/Tjatse/ansi-html/issues/19#issuecomment-913119841
|
I'm determined to update the swagger-ui package, but the new update looks pretty bad with the minimal CSS we've got applied right now. Other than that, I'm not aware of any downsides to these updates from my testing. CI has been passing for me as well, of course. I tend to check that before I even post these PRs... Edit to clarify: This package is only used for the "Public API" documentation/demo page. It has no impact on the core site itself. |
DeeDeeG
added a commit
that referenced
this pull request
Mar 28, 2022
* Add a blank/free-form issue template
This is for when an issue doesn't need
a complex explanation or rationale.
Or when the submitter already knows what they want to put,
and our existing, complex and lengthy template would get in the way.
* Update Dependencies for December 2021 (#668)
- Gemfile.lock: Update nokogiri (1.11.7 to 1.12.5)
Also update some of nokogiri's dependencies,
specifically `mini_portile2` and `racc`.
- Gemfile.lock: Update puma (5.3.2 to 5.5.2)
Also update puma's dependency nio4r (2.5.7 to 2.5.8).
- Gemfile[.lock]: Update better_errors 2.4 to 2.9.1
Also update better_errors' dependency coderay (1.1.2 to 1.1.3).
- yarn.lock: Update tar (6.1.7 to 6.1.11)
- deps: Resolve ansi-regex to "^5.0.1"
- deps: Resolve ansi-html to ansi-html-community
Pin to an exact version, 0.0.8, which I have personally verified
only contains the desired change, plus package.json metadata changes
and updates to README.md.
(Pinning means we don't have to trust the independent GitHub user
who published the fork, just the content of the patch.)
One can do the following commands to download and inspect the contents
of the packages themselves, as hosted on the npm package registry...
- `npm pack ansi-html@0.0.7`
- `npm pack ansi-html-community@0.0.8`
Then extract the tarballs and compare the content.
See the following for details of the fork and why it was made:
- github.com/Tjatse[slash]ansi-html/issues/19
- github.com/Tjatse[slash]ansi-html/issues/19#issuecomment-913119841
- deps: Resolve nth-check to 2.0.1
- ruby: Update Ruby version from 2.7.4 to 2.7.5
- deps: Update swagger-ui from 3.25.0 to 4.1.3
* Update Dependencies for mid March 2022 (#669)
- yarn.lock: Update follow-redirects
Update follow-redirects from 1.11.0 to 1.14.8.
- yarn.lock: Update selfsigned and node-forge
Update selfsigned from 1.10.11 to 1.10.13
Update node-forge from 0.10.0 to 1.2.1
- Gemfile[.lock]: Update rails from 5.2.6 to 5.2.6.3
Also update some of its dependencies.
- yarn.lock: Update url-parse from 1.5.3 to 1.5.9
- yarn.lock: Update cross-fetch and node-fetch
Also pull in some new indirect dependencies :/ ...
- Gemfile.lock: Update puma from 5.5.2 to 5.6.2
- Docker: Update NodeJS version to 16.x
This is the new default over at Heroku.
We should start developing and testing against this version of Node,
in order to better match how our code will run in production/
on the real site.
(Reminder: We can always specify a version for production,
if we need to, with the "engines" field of the package.json file.)
See: https://devcenter.heroku.com/articles/nodejs-support#specifying-a-node-js-version
- yarn.lock: Update prismjs and refractor
Update prismjs from 1.25.0 to 1.27.0
Update refractor from 3.5.0 to 3.6.0
- Gemfile.lock: Update nokogiri and mini_portile2
Update nokogiri from 1.12.5 to 1.13.3,
Update mini_portile2 from 2.6.1 to 2.8.0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
Summary of Changes
Checklist