-
-
Notifications
You must be signed in to change notification settings - Fork 241
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump read-pkg to v6, make other changes for linting to pass #205
Conversation
Not sure what’s wrong, but I’m seeing this in AppVeyor:
This error does not make sense at all: |
👋 @mysticatea what are your thoughts on the failing AppVeyor? |
@mysticatea 👋🙏 |
@kachkaev There is a fork at https://github.com/bcomnes/npm-run-all2. I am myself not sure whether to use this or the forked package but it seems like the fork is well updated. Could you check if your changes in this PR are also present in that fork. Then maybe @mysticatea can get the changes from the fork. Also, @mysticatea it would be great if you went through the PRs. Or if you don't want to maintain, maybe you can deprecate this project or hand it over to another maintainer so that existing users know what to use. Looking forward to a response. |
@mysticatea 👋😅 |
I deleted the fork to clean up the list of my repos. Feel free to re-use the diff in this PR though! |
In scope:
hosted-git-info
#204 (CVE-2021-23362)require("read-pkg")
withawait import("read-pkg")
becauseread-pkg@v6
isesm-only
eslint
from^4.19.1
to^6.8.0
and replace"eslint-config-mysticatea": "^12.0.0"
with"@mysticatea/eslint-plugin": "^13.0.0"
to support syntax parsing forawait import()
npm run test
to pass (mostly to do with new ESLint rules)Out of scope
Bump more deps to fix all dev package vulnerabilities. There are still quite a few:
npm audit # found 173 vulnerabilities (118 low, 1 moderate, 53 high, 1 critical) in 659 scanned packages
npm audit --prod # found 0 vulnerabilities
Breaking
Node versions in
packge.json
engines is now:^12.17 || >= 14
(was>= 4
)