Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[sitecore-jss-dev-tools][sitecore-jss-cli] Replace old and security vulnerable 'request' NPM package with axios #541

Merged
merged 12 commits into from Jan 29, 2021
Merged

[sitecore-jss-dev-tools][sitecore-jss-cli] Replace old and security vulnerable 'request' NPM package with axios #541

merged 12 commits into from Jan 29, 2021

Conversation

illiakovalenko
Copy link
Contributor

@illiakovalenko illiakovalenko commented Jan 27, 2021
edited

Description

Motivation

How Has This Been Tested?

  • Some unit tests
  • Manually

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update (non-breaking change; modified files are limited to the /docs directory)

Checklist:

  • I have read the Contributing guide.
  • My code follows the code style of this project.
  • My code/comments/docs fully adhere to the Code of Conduct.
  • My change is a code change and it requires an update to the documentation.
  • My change is a documentation change and it requires an update to the navigation.

ambrauer
ambrauer requested changes Jan 27, 2021
View reviewed changes
Copy link
Contributor

@ambrauer ambrauer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. Think we need to upgrade the other packages' axios versions (see comment), but otherwise just a couple other minor comments.

packages/sitecore-jss-dev-tools/package.json Show resolved Hide resolved
docs/data/routes/release-notes/en.md Outdated Show resolved Hide resolved
packages/sitecore-jss-dev-tools/src/package-deploy.ts Outdated Show resolved Hide resolved
packages/sitecore-jss-cli/src/create/create.source.github.ts Show resolved Hide resolved
@nickwesselman
Copy link
Contributor

nickwesselman commented Jan 27, 2021
edited

Hey @illiakovalenko! Can you confirm that this will work with NODE_EXTRA_CA_CERTS?

Edit: We realized later that this environment variable can't be set with dotenv anyway. I know it's not technically in scope of this, but could we potentially add our own environment variable for configuring the ca on our https agent?

https://medium.com/@jamomani/adding-trusted-ca-to-node-client-with-axios-2792024bca4
https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-registering-certs.html

cc @anastasiya29 @ambrauer

Edit again: Nevermind, let's take care of this elsewhere so you can merge.

@illiakovalenko illiakovalenko merged commit 7141d1e into dev Jan 29, 2021
@illiakovalenko illiakovalenko deleted the feature/442065 branch January 29, 2021 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ambrauer ambrauer ambrauer approved these changes

@anastasiya29 anastasiya29 Awaiting requested review from anastasiya29

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@illiakovalenko @nickwesselman @ambrauer