search

warrenday / graphql-network-inspector

A better network inspector for viewing and debugging GraphQL requests.
MIT License
466 stars 46 forks source link

Update packages 1 #48

Closed christo8989 closed 2 years ago

christo8989 commented 2 years ago

No functional changes to the code. Updated packages and added more checks to the pipeline (if that's okay).

Some packages are left on previous versions due to react-scripts. To see the list, run yarn outdated.

Changes to take note of...

  1. Use lts node version via .nvmrc (nvm install && nvm use)
  2. Added check-types and lint.
  3. Updated react and removed the unnecessary imports.

Side note. I wanted to add yarn audit --groups dependencies to the checks but the react-code-block package has vulnerabilities. I don't think it matters but worth mentioning.

warrenday commented 2 years ago

We may be able to find a replacement for react-code-block and add the audit check. Definitely something worth having given the app can see network requests. Let's get this in for now then think about adding audit/replacing react-code-block later.

warrenday commented 2 years ago

Once this is merged i'll also change the required checks on the workflow pipeline to node v (16) only. The 14.4 check is now redundent.

Screenshot 2021-11-18 at 15 58 50

y

christo8989 commented 2 years ago

We may be able to find a replacement for react-code-block and add the audit check. Definitely something worth having given the app can see network requests. Let's get this in for now then think about adding audit/replacing react-code-block later.

Some of the vulnerabilities are around ddos attacks on regex which probably shouldn't effect this app. But if there's another option than sounds good. But I think no rush.