Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
The node packages used to build the module's JavaScript haven't been updated in as many as six years. Running npm audit
lights up the screen like fireworks with vulnerability warnings.
Steps to reproduce
cd js
npm i
npm audit
Proposed resolution
- Remove unused packages.
- Replace outdated packages.
- Update all remaining dependencies.
Issue fork permissions_by_term-3425955
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #3
marcoliverComment #4
fathima.asmat CreditAttribution: fathima.asmat at CTI Digital commented@marcoliver, the PR looks good but just a query. is there any reason why we didn't upgrade
@babel/core
to 7.24.0 but instead 7.23.9.7.24.0
was released 7 days ago and I think the first commit on the PR was made before then?Comment #5
marcoliver@fathima.asmat Good catch, thanks! No particular reason, I just didn't see that there was an update available.
I bumped the versions once more. The JS tests are now run in the pipeline as well.
Comment #8
marcoliverThanks for testing, and thanks for José Trindade to raising this issue! Merged. Will tag a new release shortly.