Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Based on node securiy feedback, update affected dependencies. #73

Merged
merged 4 commits into from
Nov 1, 2016
Merged

Based on node securiy feedback, update affected dependencies. #73

merged 4 commits into from
Nov 1, 2016

Conversation

annyhe
Copy link
Contributor

@annyhe annyhe commented Oct 26, 2016
edited
Loading

Got 8 security vulnerabilities down to five. The remaining security errors exist due to package minimatch in mocha (breaking changes if update), gulp, and sequelize-cli (for db migration scripts).

@annyhe annyhe changed the title W-3325015 based on node securiy feedback, update affected dependencies. Based on node securiy feedback, update affected dependencies. Oct 26, 2016
@coveralls
Copy link

Coverage Status

Coverage remained the same at 83.173% when pulling 842fb1c on halfError into 95a65ed on master.

@iamigo
Copy link
Contributor

iamigo commented Oct 27, 2016

Keep backing out changes 'til the build works again :(

@coveralls
Copy link

Coverage Status

Coverage remained the same at 83.173% when pulling 51695f4 on halfError into 95a65ed on master.

@annyhe
Copy link
Contributor Author

annyhe commented Oct 27, 2016

@pallavi2209 @iamigo This pull request is failing due to node security errors, and passing the original CI tests. Please review.

iamigo
iamigo approved these changes Oct 27, 2016
View reviewed changes
tests/view/components/controlledInputTest.js
@@ -44,7 +49,7 @@ describe('ControlledInput Test', () => {
it('on input with new props, expect name and input value to be updated');

// use ReactDOM.findDOMNode, not inputField directly, in Simulate.change
it.skip('on change, input value updates to new value', () => {
it('on change, input value updates to new value', () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

awesome!

@annyhe
Copy link
Contributor Author

annyhe commented Oct 27, 2016

Thanks Ian. Any comments or concerns @pallavi2209 ?

@iamigo
Copy link
Contributor

iamigo commented Oct 27, 2016

This is one where we'll want to give it some extra diligence with manual testing in staging (esp. bulk upserts and socket.io communication) to make sure those dependency updates don't unintentionally break any of our core functionality which is harder to tease out from our unit tests.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 83.202% when pulling 8c7f229 on halfError into 11c1b3d on master.

@pallavi2209 pallavi2209 merged commit c3bd428 into master Nov 1, 2016
@pallavi2209 pallavi2209 deleted the halfError branch November 1, 2016 22:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iamigo iamigo iamigo approved these changes

Assignees

@iamigo iamigo

@pallavi2209 pallavi2209

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@annyhe @coveralls @iamigo @pallavi2209