chore: upgrade cross-fetch #472
Conversation
|
Unit tests on my local machine are failing both for the main branch and for my feature branch. It doesn't look like the CI runs tests, so a human with a working unit test environment should look closer at what I have here. |
Closes facebook#471 "Security vulnerability with cross-fetch in fbjs" Bumps fbjs version to 3.0.3 to enable this change to get picked up. Signed-off-by: Lucas Gonze <lucas@gonze.com>
lucasgonze
force-pushed
the
bug-471-cross-fetch-upgrade
branch
from
194848b
to
21a2868
Compare
|
merged #470 instead since it came first. thanks for bumping this issue though! |
Totally understood. The earlier PR didn't bump the version number to enable upstream users to grab the update, though - is there another way?
|
|
3.0.3 is published now bumping the version in package.json isn't the important bit, it also has to be published to npm. we updated it and the changelog as part of the release (d7156a6). but if there was no release, users would have to grab the update with a "commit-ish" github dependency (https://docs.npmjs.com/cli/v8/configuring-npm/package-json#github-urls) which doesn't need the version to be updated |
Thanks! |
chore: upgrade cross-fetch
Closes #471 "Security vulnerability with cross-fetch in fbjs"
Signed-off-by: Lucas Gonze lucas@gonze.com