Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core(deps): GITHUB-1972 bump yup to 1.1.1 #1972

Merged
merged 1 commit into from
Jul 5, 2023
Merged

core(deps): GITHUB-1972 bump yup to 1.1.1 #1972

merged 1 commit into from
Jul 5, 2023

Conversation

quad
Copy link
Contributor

@quad quad commented May 10, 2023
edited
Loading

Closes: #1153

What?

  • Bumps yup to 1.1.1.
  • Make the previously implicit dependency on regenerator-runtime explicit

Why?

Testing / Proof

  • ✅ Tests pass

@bigcommerce/checkout @bigcommerce/payments

@quad quad force-pushed the patch-1 branch 2 times, most recently from b48f6d9 to 9e8ed9e Compare May 10, 2023 01:06
@quad quad changed the title Bump yup to 1.1.1 core(deps): bump yup to 1.1.1 May 10, 2023
@quad quad force-pushed the patch-1 branch 3 times, most recently from c91034e to a1aeeed Compare May 10, 2023 02:13
@quad quad marked this pull request as ready for review May 10, 2023 02:15
@quad quad requested a review from a team as a code owner May 10, 2023 02:15
@quad quad force-pushed the patch-1 branch 7 times, most recently from a1e1362 to 37399c4 Compare May 10, 2023 04:13
@quad quad changed the title core(deps): bump yup to 1.1.1 core(deps): GITHUB-1972 bump yup to 1.1.1 May 10, 2023
@quad quad mentioned this pull request May 10, 2023
Closed
@quad
Copy link
Contributor Author

quad commented May 12, 2023

@mauricio-sg @bc-nick 🙏

@quad
Copy link
Contributor Author

quad commented May 26, 2023

@bc-sebastianszafraniec 🙏

animesh1987
animesh1987 reviewed Jun 16, 2023
View reviewed changes
package.json Outdated
@@ -72,11 +71,12 @@
"lodash": "^4.17.15",
"messageformat": "^2.3.0",
"query-string": "^7.1.1",
"regenerator-runtime": "^0.13.3",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @quad can see you have added regenerator-runtime and removed @types/yup? Any specific reason to do so?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bc-peng
bc-peng reviewed Jun 16, 2023
View reviewed changes
package.json
@@ -63,7 +63,6 @@
"@types/iframe-resizer": "^3.5.9",
"@types/reselect": "^2.2.0",
"@types/shallowequal": "^1.1.1",
"@types/yup": "^0.26.24",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we be certain that we don't require this type?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From https://www.npmjs.com/package/@types/yup:

This package has been deprecated

This is a stub types definition. yup provides its own type definitions, so you do not need this installed.

animesh1987
animesh1987 reviewed Jun 16, 2023
View reviewed changes
Copy link
Contributor

@animesh1987 animesh1987 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @quad thanks for raising this, sorry we couldn't get to this earlier. Have left a minor comment, but looks good apart from that.

@quad
Copy link
Contributor Author

quad commented Jun 20, 2023

Hey @quad thanks for raising this, sorry we couldn't get to this earlier. Have left a minor comment, but looks good apart from that.

Hey @animesh1987, I've replied to the comments!

@quad quad force-pushed the patch-1 branch 2 times, most recently from 2130ecb to 03e87a9 Compare June 22, 2023 07:06
@quad quad requested review from bc-peng and animesh1987 June 22, 2023 07:21
@animesh1987
Copy link
Contributor

Thanks @quad for updating this, leave it with us and we will merge it next week.

@mcharles-square
Copy link

mcharles-square commented Jul 5, 2023
edited
Loading

@animesh1987 Any update on merging?

@animesh1987 animesh1987 merged commit c6b8fee into bigcommerce:master Jul 5, 2023
@mcharles-square
Copy link

Thanks @animesh1987 ! Are changes published to npm automatically or is there another process for publishing?

@animesh1987
Copy link
Contributor

Hey @mcharles-square the changes are published automatically, I have just released the latest version. The changes should be available in v 1.398.1+.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@animesh1987 animesh1987 animesh1987 approved these changes

@bc-peng bc-peng Awaiting requested review from bc-peng

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade yup dependecy to resolve npm vulnerability
4 participants
@quad @animesh1987 @mcharles-square @bc-peng