Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upgrade dependencies to fix npm audit warnings #2

Merged
merged 6 commits into from
Mar 21, 2023
Merged

upgrade dependencies to fix npm audit warnings #2

merged 6 commits into from
Mar 21, 2023

Conversation

pretorh
Copy link
Owner

@pretorh pretorh commented Mar 21, 2023

replace gulp:
install latest jshint and mocha directly. add npm script to run lint. remove gulp file and dependencies (old packages. not upgrading since part of #1 is to remove)

replace request with node-fetch:
request is deprecated, and there were vulnerabilities on this. replace with node-fetch and update usage (private function only)

update nock:
fixes npm audit vulnerability

breaking change only in dev (gulp watch not replaced)

see #1

@pretorh
replace request with node-fetch@2
822f6fc 
request is deprecated, update to node-fetch (2.x only, commonjs)

update private `requestData` function to use request instead
@pretorh
setup: update mocha
68fd437 
preparation step in removing gulp
@pretorh
setup: install jshint directly, add lint npm script
18b6aba 
install latest jshint explicitly and add script to run it

can later replace/fix more lint issues

preparation step in removing gulp
@pretorh
remove gulp
c9ae038 
can use `npm run lint` to lint and `npm test` to test. this removes
watching for changes to auto lint/test

this fixes most of the critical npm vulnerabilities
@pretorh
setup: upgrade nock dev dependency
2d5d2fc
@pretorh pretorh mentioned this pull request Mar 21, 2023
Open
5 tasks
@pretorh pretorh merged commit 809ce59 into master Mar 21, 2023
@pretorh pretorh deleted the fix/upgrade-dependencies-to-fix-npm-audit-warnings branch March 21, 2023 07:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@pretorh