Upgrade outdated packages for Dependabot and fix tests so they pass #44
Conversation
| }, | ||
| "homepage": "https://github.com/niksy/node-stdlib-browser#readme" | ||
| "homepage": "https://github.com/niksy/node-stdlib-browser#readme", | ||
| "packageManager": "[email protected]+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" |
There was a problem hiding this comment.
Yarn added this. Happy to remove
|
|
||
| function getConfig(filename, options = {}) { | ||
| async function getConfig(filename, options = {}) { | ||
| const cpy = (await import(/* webpackChunkName: "cpy" */ 'cpy')).default; |
|
A lot of the changes are completely unrelated to updating outdated packages, and most of the updates are minor version bumps which are already covered with I would expect this contribution to cover why certain update is even needed, especially if it’s major version bump. If it’s just to update to major version but that breaks existing functionality (e.g. there’s a reason why Security fixes are usually carried down to lower versions so in most cases this can be left as-is. |
|
Hi @niksy thanks for the response.
The tests or lint weren't completing without those fixes, and husky wouldn't let me commit without both passing. Give it a try on a fresh install.
Yeah I'm not sure why I'm getting outdated patch versions then. My goal is to upgrade the dependencies to silence a few security warnings I'm getting on my own project via a transitive dependency, and most of the warnings point to this project. I figured I'd just submit a patch but like so many version upgrades, it's often not enough to just bump a version and have things running smoothly, unfortunately. Like I said, I'm happy to revert or down-scope or revert if you need. Just trying to be of assistance keeping this dep up to date. Feel free to run your project the way you like. |
2 participants
I was getting dependabot errors in my project so I wanted to upgrade the packages. That of course led to a yak-shaving exercise but thankfully the llm agent helped out.
You know the project better than I do so feel free to pull down and make changes or if you point me (and the robot) in the right direction I'm happy to update. All tests pass and I fixed 2 lint errors that were blocking commit.