-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Based on node securiy feedback, update affected dependencies. #73
Conversation
Keep backing out changes 'til the build works again :( |
@pallavi2209 @iamigo This pull request is failing due to node security errors, and passing the original CI tests. Please review. |
@@ -44,7 +49,7 @@ describe('ControlledInput Test', () => { | |||
it('on input with new props, expect name and input value to be updated'); | |||
|
|||
// use ReactDOM.findDOMNode, not inputField directly, in Simulate.change | |||
it.skip('on change, input value updates to new value', () => { | |||
it('on change, input value updates to new value', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
awesome!
Thanks Ian. Any comments or concerns @pallavi2209 ? |
This is one where we'll want to give it some extra diligence with manual testing in staging (esp. bulk upserts and socket.io communication) to make sure those dependency updates don't unintentionally break any of our core functionality which is harder to tease out from our unit tests. |
Got 8 security vulnerabilities down to five. The remaining security errors exist due to package minimatch in mocha (breaking changes if update), gulp, and sequelize-cli (for db migration scripts).