Update dependencies [#3201161]

update pacakge dependencies

solves security advisory https://www.npmjs.com/advisories/1623

Package           Current  Wanted   Latest  Location                       Depended by
@esm-bundle/chai    4.1.5   4.3.0    4.3.0  node_modules/@esm-bundle/chai  once
@web/test-runner   0.9.13  0.9.13  0.12.15  node_modules/@web/test-runner  once
eslint             7.18.0  7.21.0   7.21.0  node_modules/eslint            once
rollup             2.38.1  2.40.0   2.40.0  node_modules/rollup            once

Issue fork once-3201161

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

3201161-security changes, plain diff MR !19
Check out this branch for the first time

Check out existing branch, if you already have it locally
3201161-update changes, plain diff MR !15
Check out this branch for the first time

Check out existing branch, if you already have it locally

About issue forks

Comments

Comment #1

2 March 2021 at 10:50

nod_ created an issue. See original summary.

Comment #2

2 March 2021 at 11:02

nod_ opened merge request !15

Comment #3

nod_

French

Lille

commented 2 March 2021 at 11:03

Issue summary:	View changes
Status:	Active	» Needs review

Comment #4

justafish

she/her

English

London, UK

commented 2 March 2021 at 17:25

Status:

Needs review

» Reviewed & tested by the community

Comment #5

2 March 2021 at 17:35

justafish committed afbeb06 on 1.0.x authored by nod_
```
Resolve #3201161 "Update"
```

Comment #6

nod_

French

Lille

commented 2 March 2021 at 17:40

Status:

Reviewed & tested by the community

» Fixed

Comment #7

justafish

she/her

English

London, UK

commented 3 March 2021 at 11:27

Status:

Fixed

» Needs review

I'm still seeing vulnerabilities reported at https://git.drupalcode.org/project/once/-/security/vulnerability_report

Comment #8

nod_

French

Lille

commented 3 March 2021 at 11:34

umm we don't seem to need @esm-bundle/chai, so that's one down

Comment #9

3 March 2021 at 11:48

nod_ opened merge request !19

Comment #10

nod_

French

Lille

commented 3 March 2021 at 11:51

seems to do the trick https://git.drupalcode.org/project/once/-/pipelines/127/security

Comment #11

3 March 2021 at 14:45

justafish committed cef2ac8 on 1.0.x authored by nod_
```
Issue #3201161: update dependencies
```

Comment #12

nod_

French

Lille

commented 3 March 2021 at 15:05

alerts still things showing up on the report https://git.drupalcode.org/project/once/-/security/vulnerability_report but everything is up to date (on our side) might need to contribute upstream but I don't think we can do much more from here.

Comment #13

justafish

she/her

English

London, UK

commented 3 March 2021 at 19:10

Status:

Needs review

» Fixed

The report is clear now

Comment #14

17 March 2021 at 19:14

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Update dependencies

Issue fork once-3201161

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Comment #10

Comment #11

Comment #12

Comment #13

Comment #14

News items

Our community

Documentation

Drupal code base

Governance of community