Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1.x: Switch to vscode fork of sqlite3 #2170

Merged
merged 2 commits into from Mar 7, 2022
Merged

1.x: Switch to vscode fork of sqlite3 #2170

merged 2 commits into from Mar 7, 2022

Conversation

davidmehren
Copy link
Member

Component/Part

dependencies

Description

Microsoft maintains a fork of the sqlite3 package at
https://github.com/microsoft/vscode-node-sqlite3

Switching to that allows us to drop various very old dependencies,
removing 5 high security alerts in the process.

References:
TryGhost/node-sqlite3#1493 (comment)

Steps

  • Added implementation
  • I read the contribution documentation and
    made sure that:
    • My commits are signed-off to accept the DCO.
    • This PR targets the correct branch: master for 1.x & docs, develop for 2.x

Related Issue(s)

@davidmehren davidmehren added the type: maintenance Regular maintenance, like updating dependencies label Mar 5, 2022
@davidmehren davidmehren added this to the Next 1.x Release milestone Mar 5, 2022
@davidmehren davidmehren self-assigned this Mar 5, 2022
@davidmehren
Switch to vscode fork of sqlite3
c59a4d8 
Microsoft maintains a fork of the sqlite3 package at
https://github.com/microsoft/vscode-node-sqlite3

Switching to that allows us to drop various very old dependencies,
removing 5 high security alerts in the process.

References:
TryGhost/node-sqlite3#1493 (comment)
Signed-off-by: David Mehren <git@herrmehren.de>
@davidmehren
Remove explicit dependency resolutions
62764f3 
All our dependencies already use recent-enough
versions of these dependencies, so we don't need to override them anymore.

Signed-off-by: David Mehren <git@herrmehren.de>
@davidmehren davidmehren merged commit 99c7c01 into master Mar 7, 2022
@davidmehren davidmehren deleted the maint/master-dep-cleanup branch March 7, 2022 13:03
@ErikMichelson ErikMichelson removed this from the Next 1.x Release milestone Apr 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DerMolly DerMolly DerMolly approved these changes

@ErikMichelson ErikMichelson ErikMichelson approved these changes

Assignees

@davidmehren davidmehren

Labels
type: maintenance Regular maintenance, like updating dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@davidmehren @DerMolly @ErikMichelson