chore!: security patches and ci improvement #1487

cschanaj · 2022-08-26T14:19:32Z

BREAKING CHANGE: See cschanaj#4

security fixes with package upgrade
dropped support for node version <16
github action nodejs workflow & dependabot

Refs: ab7c53b

Refs: 05fa38f

* chore(deps): update standard from 14.3.1 to 17.0.0 * ci: run standard --fix * fix: replace unexpected var with let

Refs: 1e55d48

* ci: nodejs workflow on windows-latest * ci: use latest npm in nodejs workflow * ci: set NO_UPDATE_NOTIFIER to true * ci: update more test env * fix: npm test should extend process.env * Revert "ci: update more test env" This reverts commit 3cd55d3. * Revert "ci: set NO_UPDATE_NOTIFIER to true" This reverts commit 31bc1a2. * ci: replace windows tests on appveyor with github actions * Revert "ci: use latest npm in nodejs workflow" This reverts commit 1a9346b. * ci: remove unused travis test

* ci: run test on lts/20.x and v4 github actions * fix: use latest npm if possible * ci: drop test on node/16.x

jackbridger · 2024-01-09T14:00:24Z

Since there have been no sign of merging this PR, I published a scoped version of nyc on https://www.npmjs.com/package/@cschanaj/nyc . I will maintain this scoped package on a best-effort basis without any guarantee. Use it at your own risk.

Fwiw, I am still hoping this PR get merged, so I published my scoped version in another branch https://github.com/cschanaj/nyc/tree/%40cschanaj/nyc .

Hi @cschanaj I think this was approved. Would love to see the security patch

cschanaj and others added 30 commits August 26, 2022 22:14

revert: chore: remove package-lock.json

ab34ca8

Refs: ab7c53b

chore(deps): run npm audit fix

31500bb

chore(deps): upgrade tap and fix test script

1176f51

ci: add node.js github workflow

1c9fc3b

ci: disable npm update-notifier message

c0ad222

ci: update .github/workflows/node.js.yml

dc08e96

ci: get ride of tap deprecation warning

f4e8b72

fix: add an empty ending newline

c6e20c3

chore(deps-dev): bump deprecate package uuid@3.x

4e79f68

fix: add an empty ending newline

bfa9f22

ci: run test on node 10

96ff578

revert: ci: run test on node 10

c25dbf1

Refs: 05fa38f

chore(deps): run npm audit fix --force

f4d6f9c

ci: add .github/dependabot.yml

6e6d28c

ci: update .github/dependabot.yml

151dc1a

ci: run node workflow on node lts as well

9b827f4

chore(deps): bump istanbul-reports from 3.0.2 to 3.1.5 (#9)

c8f7efd

chore(deps): bump istanbul-lib-source-maps from 4.0.0 to 4.0.1 (#8)

88bcaa0

chore(deps): bump istanbul-lib-instrument from 4.0.3 to 5.2.0 (#7)

f32fc19

chore(deps): bump yargs from 15.3.1 to 17.5.1 (#5)

19bb979

chore(deps): update standard from 14.3.1 to 17.0.0 (#10)

63c9578

* chore(deps): update standard from 14.3.1 to 17.0.0 * ci: run standard --fix * fix: replace unexpected var with let

chore(deps): update decamelize from 1.2.0 to 5.0.1 (#11)

ea1bf96

ci: update appveyor.yml (#12)

5b22d6d

fix: update appveyor.yml (#13)

973a07b

ci: update appveyor.yml (#15)

a72306d

ci: nodejs workflow on macos-latest (#14)

a7258e3

chore(deps): bump glob from 7.1.6 to 8.0.3 (#20)

1e55d48

chore(deps): bump convert-source-map from 1.7.0 to 1.8.0 (#19)

43ee97e

chore(deps-dev): bump source-map-support from 0.5.19 to 0.5.21 (#17)

0fd7df6

revert: "chore(deps): bump glob from 7.1.6 to 8.0.3 (#20)"

6490dba

Refs: 1e55d48

cschanaj and others added 8 commits March 5, 2023 12:11

chore(deps): bump yargs from 17.7.1 to 17.7.2 (#48)

11b6844

chore(deps): bump glob from 9.1.0 to 10.2.6 (#51)

b3be4d3

chore(deps): bump rimraf from 4.1.2 to 5.0.1 (#52)

eabc98f

chore(deps-dev): bump tap from 16.3.4 to 16.3.7 (#53)

1d49bc6

chore(deps-dev): bump which from 3.0.0 to 3.0.1 (#54)

90d223e

chore(deps-dev): bump standard from 17.0.0 to 17.1.0 (#55)

92e2fed

chore(deps-dev): bump tap from 16.3.7 to 16.3.8 (#56)

8bfa79d

cschanaj changed the title ~~chore: security patches and ci improvement~~ chore!: security patches and ci improvement Aug 6, 2023

dependabot bot and others added 10 commits August 6, 2023 03:02

chore(deps): bump glob from 10.2.6 to 10.3.3 (#57)

98c6b5f

chore(deps): bump signal-exit from 3.0.7 to 4.1.0 (#58)

8f4306a

ci!: run test on node/20.x and v4 github actions (#64)

9466197

* ci: run test on lts/20.x and v4 github actions * fix: use latest npm if possible * ci: drop test on node/16.x

chore(deps): bump glob from 10.3.3 to 10.3.10 (#62)

1e0987d

chore(deps-dev): bump which from 3.0.1 to 4.0.0 (#60)

c451119

chore(deps): bump istanbul-lib-report from 3.0.0 to 3.0.1 (#59)

0a7293f

chore: github action for npm publish

59d6b91

chore!: update min node version to node/18.x

9e091d3

docs: update README.md to indicate project status

a02bafc

v17.0.0

db1c261

cschanaj force-pushed the main branch from a147919 to db1c261 Compare December 2, 2023 08:33

ci: npm publish action with node/lts

92aa807

cschanaj force-pushed the main branch from fc5f016 to 92aa807 Compare December 2, 2023 08:43

cschanaj and others added 4 commits December 2, 2023 16:44

17.0.1

6b4db61

ci: update npm-publish.yml to update npm

e3dfe34

17.0.2

334f0a1

chore(deps): bump p-map from 4.0.0 to 6.0.0 (#46)

6808e6f

cjaltic-rgare approved these changes Dec 15, 2023

View reviewed changes

dependabot bot added 2 commits February 3, 2024 04:01

chore(deps): bump p-map from 6.0.0 to 7.0.1 (#67)

dc21cdf

chore(deps): bump istanbul-lib-coverage from 3.2.0 to 3.2.2 (#69)

359234f

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore!: security patches and ci improvement #1487

chore!: security patches and ci improvement #1487

cschanaj commented Aug 26, 2022 •

edited

jackbridger commented Jan 9, 2024

chore!: security patches and ci improvement #1487

Are you sure you want to change the base?

chore!: security patches and ci improvement #1487

Conversation

cschanaj commented Aug 26, 2022 • edited

jackbridger commented Jan 9, 2024

cschanaj commented Aug 26, 2022 •

edited