Skip to content

chore(deps): Integrate dependabot suggested changes. #991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Feb 22, 2022
Merged

chore(deps): Integrate dependabot suggested changes. #991

merged 10 commits into from
Feb 22, 2022

Conversation

@drstrangelooker
Copy link
Collaborator

@drstrangelooker drstrangelooker commented Feb 15, 2022

No description provided.

@drstrangelooker drstrangelooker mentioned this pull request Feb 15, 2022
Closed
joeldodge79
joeldodge79 previously approved these changes Feb 15, 2022
View reviewed changes
Copy link
Contributor

@joeldodge79 joeldodge79 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sweet, thanks!

This was referenced Feb 15, 2022
Closed
Closed
@drstrangelooker drstrangelooker force-pushed the drstrangelove/dependabot-fixes branch from 5fb1a45 to 979227f Compare February 15, 2022 21:16
joeldodge79
joeldodge79 previously approved these changes Feb 15, 2022
View reviewed changes
@github-actions
Copy link
Contributor

github-actions bot commented Feb 16, 2022

Codegen Tests

    1 files    18 suites   30s ⏱️
403 tests 389 ✔️ 14 💤 0 ❌
404 runs  390 ✔️ 14 💤 0 ❌

Results for commit 71a798b.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 16, 2022

APIX Tests

    1 files    78 suites   3m 35s ⏱️
313 tests 300 ✔️ 13 💤 0 ❌
329 runs  316 ✔️ 13 💤 0 ❌

Results for commit 71a798b.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 16, 2022

Typescript Tests

    7 files    76 suites   4m 11s ⏱️
169 tests 165 ✔️   4 💤 0 ❌
588 runs  572 ✔️ 16 💤 0 ❌

Results for commit 71a798b.

joeldodge79
joeldodge79 reviewed Feb 17, 2022
View reviewed changes
Copy link
Contributor

@joeldodge79 joeldodge79 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gonna add @bryans99 because this just got beyond my currently available JS/TS skills

@joeldodge79 joeldodge79 requested a review from bryans99 February 17, 2022 00:30
bryans99
bryans99 reviewed Feb 17, 2022
View reviewed changes
@joeldodge79
Copy link
Contributor

joeldodge79 commented Feb 18, 2022

Once this PR is merged, does that mean that yarn.lock will NOT show up as a modified file after a yarn install or yarn build - currently it does and that's borking the package publishing step. So I'd like to hold off on the 22.2 release till we resolve that

@drstrangelooker
Copy link
Collaborator Author

drstrangelooker commented Feb 22, 2022

That should be the case. Yarn.lock should not change.

drstrangelooker
drstrangelooker commented Feb 22, 2022
View reviewed changes
Copy link
Collaborator Author

@drstrangelooker drstrangelooker left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but I can't approve my own changes. Pulled and reran yarn with no changes to yarn.lock, so it should be ok.

bryans99
bryans99 reviewed Feb 22, 2022
View reviewed changes
examples/access-token-server/package.json
"typescript": "^4.4.3"
},
"resolutions": {
"**/node-fetch": "2.6.7",
Copy link
Collaborator

@bryans99 bryans99 Feb 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is node-fetch needed here?

Copy link
Collaborator Author

@drstrangelooker drstrangelooker Feb 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes https://github.com/looker-open-source/sdk-codegen/security/dependabot/21

Copy link
Collaborator

@bryans99 bryans99 Feb 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, should have been clearer. node-fetch ^2.6.7 is included as a direct dependency in package.json so I was wondering if this is needed. Will approve anyway

@drstrangelooker drstrangelooker merged commit 3de9fe1 into main Feb 22, 2022
@drstrangelooker drstrangelooker deleted the drstrangelove/dependabot-fixes branch February 22, 2022 22:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bryans99 bryans99 bryans99 approved these changes

+1 more reviewer

@joeldodge79 joeldodge79 joeldodge79 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drstrangelooker @joeldodge79 @bryans99