Skip to content

Upgrade 2.x deps#287

Closed
raymondfeng wants to merge 63 commits into2.x-latestfrom
upgrade-2.x-deps
Closed

Upgrade 2.x deps#287
raymondfeng wants to merge 63 commits into2.x-latestfrom
upgrade-2.x-deps

Conversation

@raymondfeng
Copy link
Copy Markdown
Member

@raymondfeng raymondfeng commented Mar 22, 2019
edited
Loading

Description

Upgrade deps to remove npm audit warnings.

Related issues

  • connect to <link_to_referenced_issue>

Checklist

  • New tests added or existing tests modified to cover all changes
  • Code conforms with the style
    guide

jannyHou and others added 30 commits May 5, 2016 17:33
@jannyHou
Add flag var lazyConnect to ds config
d334425
Merge pull request #185 from strongloop/feature/lazy-connect
defe5f4 
Add flag var lazyConnect to ds config
@rmg
update copyright notices and license
5eaa909
@bajtos
2.19.0
58d9322 
 * update copyright notices and license (Ryan Graham)
 * Add flag var lazyConnect to ds config (juehou)
@bajtos
Stop caching config files
7b226b2
@bajtos
test: fix security warning
5f5e86e 
Add a simple implementation of getRandomValues to the browser context
to get rid of the following warning:

    [SECURITY] node-uuid: crypto not usable, falling back to insecure
    Math.random()
@bajtos
travis: drop io.js, add Node v4 and v6
2457132
@bajtos
Merge pull request #196 from strongloop/fix/travis
296c385 
travis: drop io.js, add Node v4 and v6
@bajtos
Merge pull request #194 from strongloop/fix/require-cache
c2484a6 
Stop caching config files
@rmg
Update URLs in CONTRIBUTING.md (#198)
ce7fe3f
@bajtos
2.20.0
9b23e71 
 * Update URLs in CONTRIBUTING.md (#198) (Ryan Graham)
 * travis: drop io.js, add Node v4 and v6 (Miroslav Bajtoš)
 * Stop caching config files (Miroslav Bajtoš)
@bajtos
Merge pull request #195 from strongloop/fix/crypto-warning-in-tests
eb49c7a 
test: fix security warning
@ashwinik001 @bajtos
Configurable dir for components and middleware
129938b 
Add two new options `middlewareRootDir` and `componentRootDir`
allowing users to load middleware and/or components from a custom
place
@bajtos
Merge pull request #171 from dopeddude/component-and-middleware-rootp…
1382e8a 
…ath-configuration

Configurable directory for components and middleware

Close #171
@bajtos
2.21.0
8fb9f75 
 * Configurable dir for components and middleware (Doped Dude)
 * test: fix security warning (Miroslav Bajtoš)
Globalization for Loopback-boot
1121721
@davidcheung
Merge pull request #200 from strongloop/globalize-2.x
13a0494 
Globalize Loopback-boot
Change test cases port to be dynamic
dcc575f 
To avoid port collision when running in Jenkins
@davidcheung
Merge pull request #205 from strongloop/indepdent-port
e68502a 
Change test cases port to be dynamic
@jskrzypek @bajtos
Replace fs.existsSync calls with fs.statSync
09c3f83
@bajtos
Merge pull request #204 from jskrzypek/replace-exists-sync
5311295 
Replace fs.existsSync calls with wrapped fs.statSync

Close #204
@bajtos
2.22.0
d2c55e7 
 * Replace fs.existsSync calls with fs.statSync (Joshua Estrin Skrzypek)
 * Change test cases port to be dynamic (David Cheung)
 * Globalization for Loopback-boot (David Cheung)
@bajtos
Normalize line endings to support both LF and CRLF
efea20f 
This should fix build failures on Windows caused by line-ending
mismatch.
@bajtos
Merge pull request #217 from strongloop/fix-ci-windows
eeea74e 
Normalize line endings to support both LF and CRLF [2.x]
@bajtos
Fix resolution of middleware modules
d2d9e87 
Fix the code loading "loopback#errorhandler" (for example) to correctly
look up the "loopback" module in node_modules of the bootstrapped
application, instead of looking it up in node_modules of loopback-boot.
@davidcheung
Merge pull request #222 from strongloop/fix/middleware-outside-node-m…
d9e744a 
…odules-2x

Fix resolution of middleware modules [2.x]
@bajtos
2.23.0
9cb3d06 
 * Fix resolution of middleware modules (Miroslav Bajtoš)
 * Normalize line endings to support both LF and CRLF (Miroslav Bajtoš)
@benkroeger
add support for absolute middleware paths on win32
49016b4 
uses simple regex check to test if a path matches NTFS notation
@bajtos
Fix browser tests on Node.js 0.10
67c4f1e
@bajtos
Merge pull request #244 from strongloop/fix/node-0.10-ci
cda21ea 
Fix browser tests on Node.js 0.10
bajtos and others added 24 commits June 26, 2017 15:04
@bajtos
2.25.0
6db7cad 
 * Support es2015 module exports (Babel, TypeScript) (John McLaughlin)
@dhmlau
Merge pull request #251 from strongloop/update-translations-2.x-backport
39b885f 
Update translations 2.x backport
@lehni @bajtos
Add support for ES6 style async boot scripts
5132609
@bajtos
Merge pull request #252 from lehni/feature/async-boot-scripts-2.x
7f34b0d 
Add support for ES6 style async boot scripts
@bajtos
2.26.0
fa656e4 
 * Add support for ES6 style async boot scripts (Jürg Lehni)
 * Update Italian translated strings Q2 2017 (Allen Boone)
 * Update translated strings Q2 2017 (Allen Boone)
@lehni
Do not call callbacks twice in async boot scripts
c9a1e0c 
See #252 for details
@bajtos
Merge pull request #260 from lehni/feature/async-boot-scripts-2.x
ded190e 
Do not call callbacks twice in async boot scripts
@bajtos
2.26.1
cdab45d 
 * Do not call callbacks twice in async boot scripts (Jürg Lehni)
@bajtos
Add CODEOWNERS file
e81e195
@zbarbuto
Ignore js sourcemap files from boot
3d3609d
@bajtos
Merge pull request #263 from NextFaze/fix/ignore-maps
35e6683 
Ignore js sourcemap files from boot
@bajtos
2.26.2
b668116 
 * Ignore js sourcemap files from boot (Zak Barbuto)
@bajtos
Merge pull request #265 from strongloop/chore/add-codeowners-2.x
0038e4c 
Add CODEOWNERS to 2.x branch
@bajtos
CODEOWNERS: add zbarbuto
cb5651c
@bajtos
Merge pull request #267 from strongloop/welcome-zbarbuto-2x
223a266 
CODEOWNERS: add zbarbuto
@bajtos
CODEOWNERS: move @lehni to Alumni section
ff5db96
@bajtos
Merge pull request #270 from strongloop/good-bye-lehni-2x
7156baa 
Good bye lehni 2x
@bajtos
Drop support for Node.js versions 0.10 and 0.12
b0408f2 
Some of our dependencies are no longer supporting pre-4.0 versions of
Node.js. As a result, our CI builds are failing on these platforms.

This pull request removes 0.10 and 0.12 from our Travis CI build matrix
and also adds "engines" field to package.json to tell our internal
Jenkins CI to stop testing 0.10 and 0.12 versions too.
@bajtos
Merge pull request #272 from strongloop/drop-support-node-0.x
11058e9 
Drop support for Node.js versions 0.10 and 0.12
@bajtos
2.27.0
5060032 
 * Drop support for Node.js versions 0.10 and 0.12 (Miroslav Bajtoš)
 * CODEOWNERS: move @lehni to Alumni section (Miroslav Bajtoš)
 * CODEOWNERS: add zbarbuto (Miroslav Bajtoš)
 * Add CODEOWNERS file (Miroslav Bajtoš)
@bajtos
Upgrade lodash from 3.x to 4.x
81cdf6b
@bajtos
Merge pull request #278 from strongloop/upgrade-lodash
17cbdf5 
Upgrade lodash from 3.x to 4.x
@bajtos
2.27.1
2746bf5 
 * Upgrade lodash from 3.x to 4.x (Miroslav Bajtoš)
@raymondfeng
chore: upgrade deps to fix npm audit complaints
97a0636
b-admike
b-admike reviewed Mar 22, 2019
View reviewed changes
Copy link
Copy Markdown
Member

@b-admike b-admike left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall, just have some questions.

test/helpers/browser.js
function createContext() {
var context = {
// required by browserify
XMLHttpRequest: function() { throw new Error('not implemented'); },
Copy link
Copy Markdown
Member

@b-admike b-admike Mar 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this change also associated with the upgrade?

Copy link
Copy Markdown
Member Author

@raymondfeng raymondfeng Mar 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Otherwise, it throws an error - not implemented

.npmrc
@@ -0,0 +1 @@
package-lock=true
Copy link
Copy Markdown
Member

@b-admike b-admike Mar 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to enable package-lock here? Is that something we want to do throughout our repos?

Copy link
Copy Markdown
Member Author

@raymondfeng raymondfeng Mar 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I enabled it to run npm audit.

@raymondfeng
Copy link
Copy Markdown
Member Author

raymondfeng commented Mar 22, 2019

FYI: I'm not sure why this PR shows 63 commits.

@raymondfeng raymondfeng mentioned this pull request Mar 22, 2019
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@b-admike b-admike b-admike left review comments

@nabdelgadir nabdelgadir nabdelgadir approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.