Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): Update dependencies #360

Merged
merged 7 commits into from
Sep 5, 2020
Merged

fix(deps): Update dependencies #360

merged 7 commits into from
Sep 5, 2020

Conversation

adrienjoly
Copy link
Member

@adrienjoly adrienjoly commented Sep 5, 2020
edited
Loading

...except mongodb and algoliasearch. (because of breaking changes, to be addressed in a separate PR)

Improved security

npm install, before:

added 1280 packages from 1645 contributors and audited 1280 packages in 75.474s
found 36 vulnerabilities (30 low, 6 high)

=> after:

added 241 packages from 103 contributors, removed 176 packages, updated 150 packages, moved 25 packages and audited 1345 packages in 77.437s
found 6 vulnerabilities (5 low, 1 high)

@adrienjoly
$ npx npm-check-updates -u
717d382 
(except mongodb)
@adrienjoly adrienjoly self-assigned this Sep 5, 2020
@adrienjoly adrienjoly added dependencies Pull requests that update a dependency file security / privacy labels Sep 5, 2020
@adrienjoly adrienjoly added this to 📥 Inbox / ideas in Development via automation Sep 5, 2020
@adrienjoly adrienjoly moved this from 📥 Inbox / ideas to ⚙ In progress in Development Sep 5, 2020
@adrienjoly adrienjoly marked this pull request as ready for review September 5, 2020 13:51
@adrienjoly adrienjoly merged commit 3ad78f6 into master Sep 5, 2020
Development automation moved this from ⚙ In progress to ✔️ Done / pending QA Sep 5, 2020
@adrienjoly adrienjoly deleted the fix/deps-2020-09 branch September 5, 2020 13:52
adrienjoly pushed a commit that referenced this pull request Sep 5, 2020
@semantic-release-bot
chore(release): 1.34.20 [skip ci]
0670b66 
## [1.34.20](v1.34.19...v1.34.20) (2020-09-05)

### Bug Fixes

* **deps:** Update dependencies ([#360](#360)) ([3ad78f6](3ad78f6))
@adrienjoly adrienjoly moved this from ✔️ Done / pending QA to 🌲 In production in Development Sep 5, 2020
adrienjoly added a commit that referenced this pull request Sep 6, 2020
@adrienjoly
Merge branch 'master' into pr/agathe-vaisse/326
0304c3d 
* master: (251 commits)
  fix(logs): Remove or clarify old production + unit test logs (#365)
  chore(release): 1.35.0 [skip ci]
  feat: ⚰️ Bury collaborative playlists (never-finished feature) (#364)
  chore(release): 1.34.23 [skip ci]
  fix(logs): Reduce amount of logging in production (#363)
  chore(release): 1.34.22 [skip ci]
  fix(tests): Test avatar upload (#362)
  chore(release): 1.34.21 [skip ci]
  fix(logs): Re-import colors package, to prevent "undefined" entries in logs (#361)
  chore(release): 1.34.20 [skip ci]
  fix(deps): Update dependencies (#360)
  chore(prod): devDeps should not be installed in production fixes #256
  chore(release): 1.34.19 [skip ci]
  fix(e2e-tests): Finish migration from Webdriver to Cypress (#358)
  chore(deps): bump handlebars from 4.4.0 to 4.7.6 (#357)
  chore(deps): bump bl from 2.2.0 to 2.2.1 (#353)
  chore(release): 1.34.18 [skip ci]
  fix(css): Remove obsolete definitions (#350)
  chore(release): 1.34.17 [skip ci]
  fix(lint): Fix ESLint & Codacy issues (#348)
  ...

# Conflicts:
#	app/models/notif.js
#	test/unit/notif-tests.js
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@adrienjoly adrienjoly

Labels
dependencies Pull requests that update a dependency file security / privacy
Projects
Development
  
🌲 In production
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@adrienjoly