Upgrade Babel 7.23 - Githubissues

endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES

Apache License 2.0

829 stars 72 forks source link

Upgrade Babel 7.23 #1893

Closed kriskowal closed 11 months ago

kriskowal commented 11 months ago

closes: #1846

Description

This should put #1846 to bed. The latest patch releases for Babel have addressed the property override mistake observed while bundling under lockdown.

As evidence, integrating this branch into Agoric SDK https://github.com/Agoric/agoric-sdk/pull/8514 obviates the need to run the bundler with overrideTaming: severe.

Security Considerations

Scaling Considerations

Documentation Considerations

Testing Considerations

Upgrade Considerations

mhofman commented 11 months ago

Nit title: 7.23 not 2.23

kriskowal commented 11 months ago

Nit title: 7.23 not 2.23

Fixed

kriskowal commented 11 months ago

Please run a npx yarn-deduplicate

Done.

kriskowal commented 11 months ago

After dedup, the diff of the yarn.lock looks as expected. If tests pass, we should be good to go.

PS: to double check, you ran yarn install after npx yarn-deduplicate to make sure the yarn.lock was stable?

I did not and it was not stable. Please see the new commit.