You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@avro.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/01/24 08:55:00 UTC

[jira] [Commented] (AVRO-3317) JavaScript: Update dependencies

    [ https://issues.apache.org/jira/browse/AVRO-3317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17480926#comment-17480926 ] 

ASF subversion and git services commented on AVRO-3317:
-------------------------------------------------------

Commit 825adb27867696d7864c3962f386f3bfb29726be in avro's branch refs/heads/branch-1.11 from Martin Grigorov
[ https://gitbox.apache.org/repos/asf?p=avro.git;h=825adb2 ]

AVRO-3317: JavaScript: Update dependencies (#1468)

* AVRO-3317: Update dependencies

Change tests style from TDD to BDD.
TDD style was failing with: "suite is not defined"
Replace Mocha's arguments with their long names.

Signed-off-by: Martin Tzvetanov Grigorov <mg...@apache.org>

* AVRO-3317: Re-generate package-lock.json

Signed-off-by: Martin Tzvetanov Grigorov <mg...@apache.org>

* AVRO-3317 JavaScript: Update dependencies

Re-generate package-lock.json with Node v12 (npm 6.14.6) to preserve
lockfileVersion=1

Signed-off-by: Martin Tzvetanov Grigorov <mg...@apache.org>

* AVRO-3317 JavaScript: Update dependencies

Run 'npm audit fix' to update some transitive dependencies.

Signed-off-by: Martin Tzvetanov Grigorov <mg...@apache.org>
(cherry picked from commit d369f4013d36492236d64670c533b8e28c8b186e)


> JavaScript: Update dependencies
> -------------------------------
>
>                 Key: AVRO-3317
>                 URL: https://issues.apache.org/jira/browse/AVRO-3317
>             Project: Apache Avro
>          Issue Type: Improvement
>          Components: javascript
>            Reporter: Martin Tzvetanov Grigorov
>            Assignee: Martin Tzvetanov Grigorov
>            Priority: Minor
>              Labels: pull-request-available
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Dependabot created a [PR|https://github.com/apache/avro/pull/1461/files] to update Mocha to a newer version but it needs reworking of the tests from TDD style to BDD.
>  
> Also there are some more dependabot alerts about vulnerabilities in packages listed in package-lock.json: [https://github.com/apache/avro/security/dependabot]
>  
> It would be good to update all the dependencies and package-lock.json!



--
This message was sent by Atlassian Jira
(v8.20.1#820001)