2.0.2 #104

Merged
merged 11 commits into from
May 24, 2018
tylerbrandt
Contributor

No description provided.

mfahadahmed and others added 7 commits April 18, 2018 10:47
Travis is erroring ([example](https://travis-ci.org/optimizely/javascript-sdk/jobs/380942404)) when the "node" or "10" target is given, but the tests are passing with node 10 (at least on my machine). Update "node" targets to "9"/"10.0" until this is resolved.

```
$ node --version
v10.0.0
$ npm run test-travis

> @optimizely/optimizely-sdk@2.0.1 test-travis /Users/tbrandt/optly/Projects/javascript-sdk/packages/optimizely-sdk
> npm run test && grunt
...
  362 passing (653ms)
```

Mitigation for #102
Summary:
[`srcclr`](https://optimizely.sourceclear.io/teams/3OOu2k/scans/3772139?login=saml) flags `request` and some of its transitive dependencies as vulnerable. Since we are only barely using it, we can switch to the native node modules `http`/`https` instead. The result is a [clean run](https://optimizely.sourceclear.io/teams/3OOu2k/scans/3772270?login=saml).
```
$ srcclr scan .
SourceClear scanning engine ready
Running the NPM scanner
Scanning completed
Found 12997 lines of code
Processing results...
Processing results complete

Summary Report
Scan ID                                   614c7376-d1ae-4d77-ad5f-3078f6a17917
Scan Date & Time                          May 16 2018 04:26PM PDT
Account type                              PRO
Scan engine                               2.14.7 (latest 2.14.7)
Analysis time                             12 seconds
User                                      tbrandt
Project                                   /Users/tbrandt/optly/Projects/javascript-sdk/packages/optimizely-sdk
Package Manager(s)                        NPM

Open-Source Libraries
Total Libraries                           5
Direct Libraries                          5
Transitive Libraries                      0
Vulnerable Libraries                      0
Third Party Code                          77.4%

Security
With Vulnerable Methods                   0
High Risk Vulnerabilities                 0
Medium Risk Vulnerabilities               0
Low Risk Vulnerabilities                  0

Licenses
Unique Library Licenses                   3
Libraries Using GPL                       0
Libraries With No License                 1
Libraries With Multiple Licenses          1

Full Report Details                       https://optimizely.sourceclear.io/teams/3OOu2k/scans/3772270?login=saml
```

Also add srcclr.yml with `scope: production` so we can scan more easily in the correct way.

Test Plan: Existing automated tests

Reviewers: matt.carroll, ola.nordstrom, michael.hood, ali, greeshma

Reviewed By: ali, greeshma

JIRA Issues: OASIS-2776

Differential Revision: https://phabricator.optimizely.com/D19829
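
An added example, not the SDK's actual change or the author's code, of the mitigation the commit message above describes: a JSON POST that uses only Node's built-in `http`/`https` modules, so no third-party HTTP client appears in the dependency tree. The names `buildRequest` and `dispatchEvent`, the 10-second timeout and the callback shape are assumptions.

```javascript
const http = require('http');
const https = require('https');
const { URL } = require('url');

// Hypothetical helper: choose the built-in transport and build request options.
function buildRequest(urlString, body) {
  const url = new URL(urlString);
  // Allow-list of schemes; anything else (file:, ftp:, ...) is rejected.
  const transports = { 'http:': http, 'https:': https };
  const transport = transports[url.protocol];
  if (!transport) {
    throw new Error('Unsupported protocol: ' + url.protocol);
  }
  const payload = JSON.stringify(body);
  const options = {
    method: 'POST',
    hostname: url.hostname,
    port: url.port || undefined, // empty string means the scheme's default port
    path: url.pathname + url.search,
    headers: {
      'content-type': 'application/json',
      // Byte length, not string length, so multi-byte characters are counted.
      'content-length': Buffer.byteLength(payload),
    },
  };
  return { transport, options, payload };
}

// Hypothetical dispatcher: POSTs the event, calls back once with (err, statusCode).
function dispatchEvent(urlString, body, callback) {
  const { transport, options, payload } = buildRequest(urlString, body);
  let finished = false;
  const done = (err, status) => {
    if (!finished) { finished = true; callback(err, status); }
  };
  const req = transport.request(options, (res) => {
    res.resume(); // drain the body so the socket is released
    res.on('end', () => done(null, res.statusCode));
  });
  req.setTimeout(10000, () => req.destroy(new Error('request timed out')));
  req.on('error', done);
  req.end(payload);
  return req;
}
```
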
@tylerbrandt tylerbrandt requested a review from mikeproeng37 May 22, 2018 00:09
Contributor

@mikeproeng37 mikeproeng37 left a comment

Lgtm. Can you also put an entry in the changelog about the fix?

@tylerbrandt tylerbrandt changed the base branch from master to 2.0.x May 24, 2018 21:52
@tylerbrandt tylerbrandt changed the title 2.0.2-beta 2.0.2 May 24, 2018
@mikeproeng37
Contributor

Still looks good

@tylerbrandt
Contributor Author

Travis won't run on this PR because the "into" branch is 2.0.x

@tylerbrandt tylerbrandt merged commit ef6f7dc into 2.0.x May 24, 2018
@tylerbrandt tylerbrandt deleted the release-2.0.2-beta branch May 24, 2018 22:33
tylerbrandt pushed a commit that referenced this pull request May 24, 2018