Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Dependencies for mid March 2022 #669

Merged
merged 10 commits into from Mar 17, 2022
Merged

Update Dependencies for mid March 2022 #669

merged 10 commits into from Mar 17, 2022

Conversation

DeeDeeG
Copy link
Contributor

@DeeDeeG DeeDeeG commented Mar 17, 2022

Context

  • Update several NodeJS and Ruby gem dependencies
  • Update to Node 16.x in development and testing

Summary of Changes

  • Gemfile and Gemfile.lock (Ruby) dependencies:
    • Update rails from 5.2.6 to 5.2.6.3
    • Update puma from 5.5.2 to 5.6.2
    • Update nokogiri from 1.12.5 to 1.13.3
    • Update mini_portile2 from 2.6.1 to 2.8.0
  • package.json and yarn.lock (NodeJS) dependencies:
    • Update follow-redirects from 1.11.0 to 1.14.8
    • Update selfsigned from 1.10.11 to 1.10.13
    • Update node-forge from 0.10.0 to 1.2.1
    • Update url-parse from 1.5.3 to 1.5.9
    • Update cross-fetch from 3.1.4 to 3.1.5
    • Update node-fetch from 2.6.1 to 2.6.7
    • Update prismjs from 1.25.0 to 1.27.0
    • Update refractor from 3.5.0 to 3.6.0
  • Update NodeJS from 14.x to 16.x in development and testing (via the Dockerfile)

Checklist

  • Tested Mobile Responsiveness
  • Added Unit Tests
  • CI Passes
  • Deploys to Heroku on test Correctly (Maintainers will handle)
  • Added Documentation (Service and Code when required)

@DeeDeeG
yarn.lock: Update follow-redirects
9b02b5c 
Update follow-redirects from 1.11.0 to 1.14.8.
@DeeDeeG
yarn.lock: Update selfsigned and node-forge
f966773 
Update selfsigned from 1.10.11 to 1.10.13
Update node-forge from 0.10.0 to 1.2.1
@DeeDeeG
Gemfile[.lock]: Update rails from 5.2.6 to 5.2.6.2
1c726a2 
Also update some of its dependencies.
@DeeDeeG
yarn.lock: Update url-parse from 1.5.3 to 1.5.9
e88300d
@DeeDeeG
yarn.lock: Update cross-fetch and node-fetch
fb2aacd 
Also pull in some new indirect dependencies :/ ...
@DeeDeeG
Gemfile.lock: Update puma from 5.5.2 to 5.6.2
172adf6
@DeeDeeG
Docker: Update NodeJS version to 16.x
bde4073 
This is the new default over at Heroku.

We should start developing and testing against this version of Node,
in order to better match how our code will run in production/
on the real site.

(Reminder: We can always specify a version for production,
if we need to, with the "engines" field of the package.json file.)

See: https://devcenter.heroku.com/articles/nodejs-support#specifying-a-node-js-version
@DeeDeeG
yarn.lock: Update prismjs and refractor
a1fbdee 
Update prismjs from 1.25.0 to 1.27.0
Update refractor from 3.5.0 to 3.6.0
@DeeDeeG
Gemfile.lock: Update nokogiri and mini_portile2
8e8b932 
Update nokogiri from 1.12.5 to 1.13.3,
Update mini_portile2 from 2.6.1 to 2.8.0
@DeeDeeG
Gemfile[.lock]: Update rails and its dependencies
ff0b92a
@DeeDeeG DeeDeeG merged commit 889b921 into develop Mar 17, 2022
@DeeDeeG DeeDeeG deleted the update-deps-March-2022 branch March 17, 2022 01:46
@DeeDeeG DeeDeeG mentioned this pull request Mar 17, 2022
Merged
5 tasks
DeeDeeG added a commit that referenced this pull request Mar 28, 2022
@DeeDeeG
Release 1.20.4 (#670)
fcaf692 
* Add a blank/free-form issue template
    This is for when an issue doesn't need
    a complex explanation or rationale.

    Or when the submitter already knows what they want to put,
    and our existing, complex and lengthy template would get in the way.


* Update Dependencies for December 2021 (#668)

  - Gemfile.lock: Update nokogiri (1.11.7 to 1.12.5)
      Also update some of nokogiri's dependencies,
      specifically `mini_portile2` and `racc`.

  - Gemfile.lock: Update puma (5.3.2 to 5.5.2)
      Also update puma's dependency nio4r (2.5.7 to 2.5.8).

  - Gemfile[.lock]: Update better_errors 2.4 to 2.9.1
      Also update better_errors' dependency coderay (1.1.2 to 1.1.3).

  - yarn.lock: Update tar (6.1.7 to 6.1.11)

  - deps: Resolve ansi-regex to "^5.0.1"

  - deps: Resolve ansi-html to ansi-html-community
      Pin to an exact version, 0.0.8, which I have personally verified
      only contains the desired change, plus package.json metadata changes
      and updates to README.md.

      (Pinning means we don't have to trust the independent GitHub user
      who published the fork, just the content of the patch.)

      One can do the following commands to download and inspect the contents
      of the packages themselves, as hosted on the npm package registry...
      - `npm pack ansi-html@0.0.7`
      - `npm pack ansi-html-community@0.0.8`
      Then extract the tarballs and compare the content.

      See the following for details of the fork and why it was made:
      - github.com/Tjatse[slash]ansi-html/issues/19
      - github.com/Tjatse[slash]ansi-html/issues/19#issuecomment-913119841

  - deps: Resolve nth-check to 2.0.1

  - ruby: Update Ruby version from 2.7.4 to 2.7.5

  - deps: Update swagger-ui from 3.25.0 to 4.1.3


* Update Dependencies for mid March 2022 (#669)

  - yarn.lock: Update follow-redirects
      Update follow-redirects from 1.11.0 to 1.14.8.

  - yarn.lock: Update selfsigned and node-forge
      Update selfsigned from 1.10.11 to 1.10.13
      Update node-forge from 0.10.0 to 1.2.1

  - Gemfile[.lock]: Update rails from 5.2.6 to 5.2.6.3
      Also update some of its dependencies.

  - yarn.lock: Update url-parse from 1.5.3 to 1.5.9

  - yarn.lock: Update cross-fetch and node-fetch
      Also pull in some new indirect dependencies :/ ...

  - Gemfile.lock: Update puma from 5.5.2 to 5.6.2

  - Docker: Update NodeJS version to 16.x
      This is the new default over at Heroku.

      We should start developing and testing against this version of Node,
      in order to better match how our code will run in production/
      on the real site.

      (Reminder: We can always specify a version for production,
      if we need to, with the "engines" field of the package.json file.)

      See: https://devcenter.heroku.com/articles/nodejs-support#specifying-a-node-js-version

  - yarn.lock: Update prismjs and refractor
      Update prismjs from 1.25.0 to 1.27.0
      Update refractor from 3.5.0 to 3.6.0

  - Gemfile.lock: Update nokogiri and mini_portile2
      Update nokogiri from 1.12.5 to 1.13.3,
      Update mini_portile2 from 2.6.1 to 2.8.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@DeeDeeG