Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependecies 02/23 #7608

Merged
merged 10 commits into from
Feb 14, 2023
Merged

Update dependecies 02/23 #7608

merged 10 commits into from
Feb 14, 2023

Conversation

tomasklim
Copy link
Member

@tomasklim tomasklim commented Feb 10, 2023
edited
Loading

Description

  • updated dependencies across monorepo, react-native should be checked by @juriczech
  • replaced dropbox patch by @ts-except-error to save time during updating
  • esbuild now cannot handle undefined env so NODE_ENV=development is set for yarn suite:dev:desktop
  • added yarn outdated plugin, it is more, its more clear than yarn interactive-tools
  • removed stringify-object lib from connect-explorer and replaced by JSON.stringify

Related Issue

https://www.notion.so/satoshilabs/Dependency-Management-1b5bf845aa1f4ca7b9d57ea9ccd3fe63?p=a64c0f8e60b54a658f13265f0db777c7&pm=c

#7614 overview of outdated libs excluding react-native for now

@socket-security
Copy link

socket-security bot commented Feb 10, 2023
edited
Loading

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] [email protected]

Ignoring: [email protected], [email protected], [email protected], [email protected], [email protected], @zkochan/[email protected], [email protected], [email protected]

Powered by socket.dev

@tomasklim
Copy link
Member Author

tomasklim commented Feb 13, 2023
edited
Loading

@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]

regarding the js-yaml and @zkochan/js-yaml comment here nrwl/nx#11953 (comment)

karliatto
karliatto reviewed Feb 13, 2023
View reviewed changes
package.json
"type-fest": "2.12.2",
"bcrypto": "5.4.0",
"react": "18.2.0",
"electron": "20.3.5",
"electron": "20.3.12",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about updating electron to 22? #7172

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#7626

@tomasklim
Copy link
Member Author

@SocketSecurity ignore [email protected]
@SocketSecurity ignore @zkochan/[email protected]
@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]

@tomasklim tomasklim mentioned this pull request Feb 13, 2023
Merged
@Nodonisko
Copy link
Contributor

Can you try to update also react-redux? Seems there are no real breaking changes for us anyway https://github.com/reduxjs/react-redux/releases/tag/v8.0.0

@tomasklim
Copy link
Member Author

@SocketSecurity ignore [email protected]
@SocketSecurity ignore [email protected]

@tomasklim tomasklim enabled auto-merge (rebase) February 14, 2023 12:48
@tomasklim tomasklim merged commit ed445ce into develop Feb 14, 2023
@tomasklim tomasklim deleted the feat/update-deps branch February 14, 2023 13:11
@tomasklim
Copy link
Member Author

Can you try to update also react-redux? Seems there are no real breaking changes for us anyway https://github.com/reduxjs/react-redux/releases/tag/v8.0.0

It actually breaks type checking. @dahaca will look into it #4651

@tsusanka tsusanka added chore dependencies Pull requests that update a dependency file and removed chore labels Mar 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@karliatto karliatto karliatto left review comments

@dahaca dahaca dahaca approved these changes

@Nodonisko Nodonisko Awaiting requested review from Nodonisko Nodonisko is a code owner

@szymonlesisz szymonlesisz Awaiting requested review from szymonlesisz szymonlesisz is a code owner

@marekrjpolak marekrjpolak Awaiting requested review from marekrjpolak marekrjpolak is a code owner

@mroz22 mroz22 Awaiting requested review from mroz22 mroz22 is a code owner

@matejkriz matejkriz Awaiting requested review from matejkriz matejkriz is a code owner

@andrcj andrcj Awaiting requested review from andrcj

@sime sime Awaiting requested review from sime

Assignees

@dahaca dahaca

Labels
dependencies Pull requests that update a dependency file Roadmap: Off
Projects
No open projects
Suite Pull Requests
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tomasklim @Nodonisko @karliatto @dahaca @tsusanka