Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependency updates to fix security vulnerabilities #306

Merged
merged 7 commits into from
Jun 9, 2023

Conversation

Trickfilm400
Copy link
Contributor

@Trickfilm400 Trickfilm400 commented Jun 8, 2023

Changes

  • update superagent to latest version to fix security vulnerabilities
  • update qs and cookiejar to the latest version
  • Lock @types/superagent to 4.1.13 due to the failing typescript compiler

Notes / Questions

  • I think we should drop node < 16 support (because they are EOL) and for further dependency updates)
  • The test npm test were failing before and after the dependency updates
    • Should I provide a follow-up PR and try to fix these issues
  • Also, I didn't update all dependencies in the PR yet, because nearly all of them have breaking changes
    • Should I provide a follow-up PR and update all these dependencies?
  • I noticed, that in the ci.yml file there are some old node versions, which were scheduled for removal, but are still in there
    • Should I update them?

Issues Addressing:

This PR addresses the following issues:

This PR was inspired by #292

@keithamus
Copy link
Member

Looks like some tests were not built all that resilient 😆. Updated them to be slightly more so.

@keithamus keithamus merged commit ce9866f into chaijs:master Jun 9, 2023
@keithamus
Copy link
Member

@Trickfilm400 thats merged and released as 4.4.0. Thanks for your hard work here!

If you want to continue by updating breaking versions and dropping support for older versions, we can work together on releasing 5.0.0!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
2 participants