Update our package's dependencies for v4 #503
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
See https://github.com/cucumber/cucumber-js/blob/main/docs/migration.md#migrating-to-cucumber-js-7xx Only use cucumber setDefaultTimeout globally and use a shim that replicates the fix in v8 that lets you do custom timeouts more easily so we can still give enough time for steps that may need more time. Use all caps for statuses. Test screenshot step. Btw, the cucumber test output visually looks a bit different now - when a scenario passes, all the steps pass too. Sorry about the little comment changes, etc. Tried to remove a lot of those incidental unrelated changes.
- page.waitFor -> page.waitForTimeout and page.waitForSelector (Got deprication notice. See puppeteer/puppeteer#6214.) - remove removeEventListener (we'd need to change it to removeListener anyway - v4.0.0 and see https://github.com/puppeteer/puppeteer/blob/main/docs/api.md#eventemitterremovelistenerevent-handler). For now we'll count on page close taking care of it, just in case removing it would prevent multiple-file-downloads.
plocket
commented
Feb 16, 2022
plocket
commented
Feb 16, 2022
| "cucumber": "^6.0.5", | ||
| "docassemble-cucumber": "^3.0.0" | ||
| "colors": "1.4.0", | ||
| "@cucumber/cucumber": "^7.3.2", |
There was a problem hiding this comment.
Freeze these for security. [This may be put into a separate issue.] #518
plocket
commented
Feb 16, 2022
| "docassemble-cucumber": "^3.0.0" | ||
| "colors": "1.4.0", | ||
| "@cucumber/cucumber": "^7.3.2", | ||
| "docassemble-cucumber": "^4.0.0" |
There was a problem hiding this comment.
Freeze this for security, but we'll have to update this every time we publish something new. [This may be put into a separate issue.] #518
plocket
commented
Feb 16, 2022
Comment on lines
+37
to
46
| "@cucumber/cucumber": "^7.3.2", | ||
| "axios": "^0.24.0", | ||
| "chai": "^4.2.0", | ||
| "cheerio": "^1.0.0-rc.5", | ||
| "cucumber": "^6.0.5", | ||
| "dotenv": "^8.2.0", | ||
| "mocha": "^7.2.0", | ||
| "puppeteer": "^3.1.0", | ||
| "mocha": "^9.2.0", | ||
| "puppeteer": "^13.1.3", | ||
| "qs": "^6.10.2", | ||
| "sanitize-filename": "^1.6.3", | ||
| "uuid": "^8.3.2" |
There was a problem hiding this comment.
Freeze these. Maybe new issue? [#518]
plocket
commented
Feb 16, 2022
|
Ready for updated review @BryceStevenWilley . Patch freezing will be for issue #518. |
BryceStevenWilley
approved these changes
Feb 17, 2022
This was referenced Feb 17, 2022
plocket
added a commit
that referenced
this pull request
Mar 2, 2022
Created log.txt and git hub artifact for reports. Closes #466. * add log.txt for report messages * create artifact for logs * Update changelog * Update our package's dependencies for v4 (#503) I'm thinking this is just going to be for v4. Not bothering with this for v3 unless we absolutely have to since none of the vulnerabilities are severe. My current rationale is that the more work we do to maintain 3, the less work we can do getting v4 ready for release. Ready to hear opinions. - Close #164, update cucumber to v7 - Prepare for v8 of cucumber because I won't remember it later - Close #394, update puppeteer - Update our version of node (and that of our action that we'll run for other people's libs). [Addresses #393 so we can use the suffolk npm org package.] - Use `npm audit` to fix the remaining vulnerabilities (now 0) - [Remove package.json as discussed in #489 to align our tests' behaviors with those of our users.] * Update action.yml node to v17 * Update from cucumber v6 to v7. See details. See https://github.com/cucumber/cucumber-js/blob/main/docs/migration.md#migrating-to-cucumber-js-7xx Only use cucumber setDefaultTimeout globally and use a shim that replicates the fix in v8 that lets you do custom timeouts more easily so we can still give enough time for steps that may need more time. Use all caps for statuses. Test screenshot step. Btw, the cucumber test output visually looks a bit different now - when a scenario passes, all the steps pass too. Sorry about the little comment changes, etc. Tried to remove a lot of those incidental unrelated changes. * Update puppeteer to latest (13). See details below. - page.waitFor -> page.waitForTimeout and page.waitForSelector (Got deprication notice. See puppeteer/puppeteer#6214.) - remove removeEventListener (we'd need to change it to removeListener anyway - v4.0.0 and see https://github.com/puppeteer/puppeteer/blob/main/docs/api.md#eventemitterremovelistenerevent-handler). For now we'll count on page close taking care of it, just in case removing it would prevent multiple-file-downloads. * Update GitHub worflow node version, tweak changelog item order * Fix npm audit vulnerabilities and update action.yml cucumber * Pin the colors lib in action.yml * Remove package-lock.json #489, use kiln v4 for users, CHANGELOG * Fix custom timeout, remove duplicate report entry, as per review * Allow a developer to wait as a first Step v4. #387. Add test. (#506) Closes #387. Also, generally adds safety measures for when page does not exist. Very similar to PR #459, but moving the responsibility down to a spot that most functions make use of, meaning that it'll be applied to a lot more cases. They mostly won't need it, but it might still be worth being more comprehensive. * Allow a developer to wait as a first Step v4. #387. Add test. Will be able to close once we've added this as an establishing step (in addition to it being a regular step). Also, generally adds safety measures for when page does not exist. * Add test Co-authored-by: Bryce Willey <Bryce.Steven.Willey@gmail.com> Co-authored-by: Bryce Willey <Bryce.Steven.Willey@gmail.com> * add log to gitnore and cleanup console.logs and typos * add empty string to file Co-authored-by: plocket <52798256+plocket@users.noreply.github.com> Co-authored-by: Bryce Willey <Bryce.Steven.Willey@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[This is fairly complex to match up with the changes in our dependencies.]
I'm thinking this is just going to be for v4. Not bothering with this for v3 unless we absolutely have to since none of the vulnerabilities are severe. My current rationale is that the more work we do to maintain 3, the less work we can do getting v4 ready for release. Ready to hear opinions.
npm auditto fix the remaining vulnerabilities (now 0)