Skip to content
This repository has been archived by the owner on Jun 16, 2023. It is now read-only.

Update some packages. #98

Merged
merged 1 commit into from
May 10, 2019
Merged

Update some packages. #98

merged 1 commit into from
May 10, 2019

Conversation

sp1tz
Copy link
Contributor

@sp1tz sp1tz commented May 10, 2019

@sp1tz sp1tz self-assigned this May 10, 2019
sp1tz
sp1tz commented May 10, 2019
View reviewed changes
frontend/package.json
@@ -11,7 +11,7 @@
"@types/react": "^16.4.7",
"@types/react-dom": "^16.0.6",
"babel-traverse": "^6.26.0",
"console-feed": "^2.8.3",
"console-feed": "2.8.3",
Copy link
Contributor Author

@sp1tz sp1tz May 10, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nested dependency needed to be upgraded due to security vulnerability. There's not an easy way to do this with yarn currently, since we can't update beyond 2.8.3 for console-feed. Although, npm has this support.

I deleted the dependency, removed all the associated packages, replaced this specific version, and finally reinstalled what was needed. This updated the sub-dependencies as permitted, w/o changing console-feed.

@sp1tz sp1tz marked this pull request as ready for review May 10, 2019 04:20
@arjunguha arjunguha merged commit 36cf1a9 into master May 10, 2019
@arjunguha arjunguha deleted the bump-versions branch May 10, 2019 14:03
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lchsam lchsam Awaiting requested review from lchsam

@arjunguha arjunguha Awaiting requested review from arjunguha

@joydeep-b joydeep-b Awaiting requested review from joydeep-b

Assignees

@sp1tz sp1tz

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sp1tz @arjunguha