StackStorm / st2web

StackStorm Web UI
http://www.stackstorm.com/features
Apache License 2.0
103 stars 82 forks

Bump elliptic from 6.5.3 to 6.5.4 #866

Closed: blag closed 3 years ago

blag commented 3 years ago

Bumps elliptic from 6.5.3 to 6.5.4.

Signed-off-by: dependabot[bot]

amanda11 commented 3 years ago

@armab @blag Don't we also need to update the dependency in package.json? It's still 6.5.3 in there?

blag commented 3 years ago

@amanda11 Good catch, I think. Dependabot doesn't seem to update package.json files at all though (#864), and neither does renovate (#865).

When I try to get yarn to update package.json itself, something goes wrong:

yarn upgrade elliptic@6.5.4
# yarn upgrade v0.24.5
# [1/4] 🔍  Resolving packages...
# warning @stackstorm/app-inquiry > cryptiles@4.1.3: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/module-api > cryptiles@4.1.3: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/app-inquiry > request@2.88.0: request has been deprecated, see https://github.com/request/request/issues/3142
# warning @stackstorm/st2-build > gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
# warning @stackstorm/app-inquiry > request > har-validator@5.1.5: this library is no longer supported
# warning @stackstorm/app-inquiry > cryptiles > boom@7.3.0: This module has moved and is now available at @hapi/boom. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/app-inquiry > cryptiles > boom > hoek@6.1.3: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# [2/4] 🚚  Fetching packages...
# error eslint@6.8.0: The engine "node" is incompatible with this module. Expected version "^8.10.0 || ^10.13.0 || >=11.10.1".
# error Found incompatible module
# info Visit https://yarnpkg.com/en/docs/cli/upgrade for documentation about this command.

And the same thing happens when I update package.json by hand and then run yarn install:

yarn install
# yarn install v0.24.5
# [1/4] 🔍  Resolving packages...
# warning @stackstorm/app-inquiry > cryptiles@4.1.3: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/module-api > cryptiles@4.1.3: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/app-inquiry > request@2.88.0: request has been deprecated, see https://github.com/request/request/issues/3142
# warning @stackstorm/st2-build > gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
# warning @stackstorm/app-inquiry > cryptiles > boom@7.3.0: This module has moved and is now available at @hapi/boom. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# warning @stackstorm/app-inquiry > request > har-validator@5.1.5: this library is no longer supported
# warning @stackstorm/app-inquiry > cryptiles > boom > hoek@6.1.3: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
# [2/4] 🚚  Fetching packages...
# error eslint@6.8.0: The engine "node" is incompatible with this module. Expected version "^8.10.0 || ^10.13.0 || >=11.10.1".
# error Found incompatible module
# info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.

I'm not a JS dev, so I don't know how to fix this.

I guess I'll push my hand-edited package.json and see if it breaks the tests for this?

blag commented 3 years ago

That seems to be the only thing required for the previous updates: https://github.com/StackStorm/st2web/pull/854

Note that that PR did not update yarn.lock; that was handled in https://github.com/StackStorm/st2web/pull/857.

AstraLuma commented 3 years ago

@blag

# error eslint@6.8.0: The engine "node" is incompatible with this module. Expected version "^8.10.0 || ^10.13.0 || >=11.10.1".

Sounds like you, personally, are running an old version of node.js. Double check what version you have installed?
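
A check for the mismatch raised earlier in the thread, where a dependency bump lands in yarn.lock but package.json still names the old version. This is an added example, not part of the PR or of st2web's code; the manifest and lockfile contents are constructed, and `parseYarnLock`, `compareVersions` and `checkBump` are hypothetical helper names.

```javascript
// Added example: both inputs are constructed, not st2web's real files.
const MANIFEST = JSON.stringify({ dependencies: { elliptic: '6.5.3' } });
const LOCKFILE = [
  '# yarn lockfile v1',
  '',
  'elliptic@6.5.4, elliptic@^6.5.3:',
  '  version "6.5.4"',
  '  dependencies:',
  '    bn.js "^4.11.9"',
].join('\n');

// Parse a yarn v1 lockfile into a Map of "name@range" -> resolved version.
function parseYarnLock(text) {
  const resolved = new Map();
  let specs = [];
  for (const line of text.split('\n')) {
    if (line.trim() === '' || line.startsWith('#')) continue;
    if (!line.startsWith(' ')) {
      // Entry header: comma-separated specs, optionally quoted, ending in ':'.
      specs = line.replace(/:\s*$/, '').split(',')
        .map((s) => s.trim().replace(/^"|"$/g, ''));
    } else {
      // Only the two-space "version" field of the entry, not nested dependencies.
      const m = /^  version "([^"]+)"\s*$/.exec(line);
      if (m) specs.forEach((s) => resolved.set(s, m[1]));
    }
  }
  return resolved;
}

// Numeric comparison of plain x.y.z versions (pre-release tags not handled).
function compareVersions(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

// Does the manifest's spec for `name` have a lock entry, and is any locked copy too old?
function checkBump(manifestText, lockText, name, minVersion) {
  const pkg = JSON.parse(manifestText);
  const spec = { ...pkg.resolutions, ...pkg.devDependencies, ...pkg.dependencies }[name];
  const lock = parseYarnLock(lockText);
  const locked = [...lock].filter(([k]) => k.slice(0, k.lastIndexOf('@')) === name);
  return {
    manifestSpec: spec,
    manifestSpecLocked: lock.has(`${name}@${spec}`),
    lockedVersions: [...new Set(locked.map(([, v]) => v))],
    belowMin: locked.filter(([, v]) => compareVersions(v, minVersion) < 0).map(([k]) => k),
  };
}
console.log(checkBump(MANIFEST, LOCKFILE, 'elliptic', '6.5.4'));
```

On the constructed input, `manifestSpecLocked` is `false` and `belowMin` is empty: the lockfile resolves elliptic to 6.5.4, but it has no entry for the `6.5.3` spec the manifest still declares.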