Bump deps #56

goto-bus-stop · 2020-06-15T10:28:32Z

just did a blanket npm update.
Should fix #55, because acorn-node 1.8 depends on acorn 7.
Finally closes #48, because this exposes the option added in browserify/static-eval#31.

archmoj · 2020-06-15T13:20:10Z

LGTM 💃

Shadowninja33 · 2021-05-25T16:25:32Z

Are there any updates on bumping the dependancies? This is currently a blocker on my team, similar to #55

ggrimsley · 2022-03-30T19:51:10Z

Hi @goto-bus-stop, is there anything I can help with to have this PR moved forward?

Edit: I looked into acorn-node@1.8.2 and I see that it depends on acorn@7.0.0, which shows a vulnerability in Snyk. There's a fixed version available: acorn@7.1.1 is clean. Upstream, acorn-node@2.0.0 and acorn-node@2.0.1 are both on acorn@7.0.0. Would myself or someone else going and opening a PR for acorn-node to use acorn@7.1.1, and then having static-module use that new acorn-node build be the best course of action?

goto-bus-stop added 4 commits June 15, 2020 12:11

Do npm update

532e459

bump static-eval

eaa38da

pass-through allowAccessToMethodsOnFunctions option

7b23e66

update tape

3c18ee1

goto-bus-stop mentioned this pull request Jun 15, 2020

Transform which ran with v1 not working with v3 #48

Open

archmoj mentioned this pull request Jun 15, 2020

Static eval bump scijs/cwise#32

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump deps #56

Bump deps #56

goto-bus-stop commented Jun 15, 2020

archmoj commented Jun 15, 2020

Shadowninja33 commented May 25, 2021 •

edited

ggrimsley commented Mar 30, 2022 •

edited

Bump deps #56

Are you sure you want to change the base?

Bump deps #56

Conversation

goto-bus-stop commented Jun 15, 2020

archmoj commented Jun 15, 2020

Shadowninja33 commented May 25, 2021 • edited

ggrimsley commented Mar 30, 2022 • edited

Shadowninja33 commented May 25, 2021 •

edited

ggrimsley commented Mar 30, 2022 •

edited