Skip to content
This repository was archived by the owner on Oct 7, 2024. It is now read-only.

Migrate to Yarn v3#157

Merged
Gudahtt merged 1 commit intomainfrom
migrate-to-yarn-v3
Nov 9, 2022
Merged

Migrate to Yarn v3#157
Gudahtt merged 1 commit intomainfrom
migrate-to-yarn-v3

Conversation

@Gudahtt
Copy link
Copy Markdown
Member

@Gudahtt Gudahtt commented Nov 8, 2022

The project has been migrated to Yarn v3. The changes made have been based off of the module template. allow-scripts has been updated to the latest version as well.

@Gudahtt Gudahtt requested a review from a team as a code owner November 8, 2022 23:43
@socket-security
Copy link
Copy Markdown

socket-security bot commented Nov 8, 2022
edited
Loading

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

Ignoring: keccak@3.0.2, secp256k1@4.0.3

Powered by socket.dev

@Gudahtt
Migrate to Yarn v3
492e417 
The project has been migrated to Yarn v3. The changes made have been
based off of the module template. `allow-scripts` has been updated to
the latest version as well.
@Gudahtt Gudahtt force-pushed the migrate-to-yarn-v3 branch from 7454082 to 492e417 Compare November 8, 2022 23:54
Gudahtt
Gudahtt commented Nov 8, 2022
View reviewed changes
README.md
### Setup

- Install [Node.js](https://nodejs.org) version 12
- Install [Node.js](https://nodejs.org) version 14
Copy link
Copy Markdown
Member Author

@Gudahtt Gudahtt Nov 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change was unrelated; I just happened to notice that it was wrong. We forgot this when the Node.js minimum version was bumped to v14.

Gudahtt
Gudahtt commented Nov 8, 2022
View reviewed changes
package.json
"@lavamoat/preinstall-always-fail": false,
"keccak": true,
"secp256k1": true
"eth-sig-util>ethereumjs-util>keccak": false,
Copy link
Copy Markdown
Member Author

@Gudahtt Gudahtt Nov 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These were all true before, but seemingly they aren't needed at all for local development, so I left them disabled.

@Gudahtt
Copy link
Copy Markdown
Member Author

Gudahtt commented Nov 8, 2022

@SocketSecurity ignore keccak@3.0.2 secp256k1@4.0.3

These are false positives; these dependencies aren't actually changing in this PR. Socket is getting mislead by the lockfile version migration.

@Gudahtt Gudahtt merged commit f9d61ae into main Nov 9, 2022
@Gudahtt Gudahtt deleted the migrate-to-yarn-v3 branch November 9, 2022 00:14
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@darkwing darkwing darkwing approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Gudahtt @darkwing