single-spa / import-map-deployer

A manifest deployment service for sofe/import maps
Apache License 2.0

Node 20 & dependencies upgrade #165

Closed lhtdesignde closed 3 weeks ago

lhtdesignde commented 4 weeks ago

Hi,

the import-map-deployer has a critical vulnerability (openssl:3.0.8-r3/CVE-2023-5363) by using an old node version (14).

So I upgraded to the latest LTS Node version (20) and did some minor package updates, which also fix some vulnerabilities. Most of the vulnerabilities are in jest, though. At least 13 critical ones, but upgrading that breaks the tests, so I left it for now.

Also the package request is deprecated and needs replacing.

The PR also addresses the following issues: https://github.com/single-spa/import-map-deployer/issues/157 https://github.com/single-spa/import-map-deployer/issues/164

joeldenning commented 1 week ago

Thanks for your contribution. This caused a regression bug for Azure Storage users in https://github.com/single-spa/import-map-deployer/issues/167 that was fixed in #168

lhtdesignde commented 1 week ago

@joeldenning Thanks for fixing that. I looked into upgrading the Azure Storage package as well, but as soon as I did that, all tests were failing locally. So I didn't. It was a fairly big update with node 20 and I tried to make sure to look into all packages. Azure Storage didn't mention that the current version would not work with node 20 and all tests passed with the version used here. Just to give you my thought process. Happy to help if there is another need in the future.

joeldenning commented 4 days ago

It was an easy thing to miss - testing all the io-methods manually is arduous. The tests failed for me, too, after upgrading @azure/storage-blob, but since the tests don't actually execute azure storage code (just import it), I was able to work around it via jest's moduleNameMapper mocking to an empty module.