chore: upgrade to typescript 4.8

[candrews]

• Follows CONTRIBUTING rules

What does this PR do?

Upgrade typescript from 3.9.10 to 4.8.3

Includes necessary upgrades to these packages as well: @typescript-eslint/eslint-plugin
@typescript-eslint/parser
eslint
eslint-config-prettier
eslint-plugin-jest
jest
tap
ts-jest
ts-loader
ts-node

Where should the reviewer start?

There's no functional change here. The only changes made are the results newly identified issues from the upgraded typescript and eslint.

How should this be manually tested?

Run snyk :)

Any background context you want to provide?

Using the latest versions of dependencies is a general best practice for a number of reasons.

My primary motivation here is that I want to add a feature to snyk cli (for which I will submit a pull request in the future) that uses a dependency that's written in Typescript 4.8, and Typescript 3.9 (which snyk cli currently uses) cannot compile against it.

What are the relevant tickets?

Screenshots

Additional questions

[CLAassistant]

All committers have signed the CLA.

[candrews]

@magdziarek could you please take a look? Thank you!

[candrews]

I just rebased this again...

@novalex thank you for the approval!

@teodora-sandu @jonathansantilli @admons @tonidevine1 and anyone else - Is there anything I can do to move this along?

[PeterSchafer]

Dear @candrews,
thank you very much for your contribution. We have reviewed your changes and they generally look good. Unfortunately they cause tests to fail.
You should be able to reproduce this by running npm run test while some tests might locally fail due to missing dependencies, some failures are related to the changes in the PR itself.
Thanks again!

[candrews]

Thanks for this information and for enabling workflows! I'll get right on figuring out and addressing these issues.

[candrews]

@PeterSchafer I've updated this PR - all failures have been fixed.

When I run npm test now, I get the same result as when I run npm test against master, which is that these 4 tests fail:

Summary of all failing tests
 FAIL  test/jest/unit/lib/ecosystems/resolve-test-facts.spec.ts
  ● resolve and test facts › successfully resolving and testing file-signatures fact for c/c++ projects with new unmanaged service

    getaddrinfo ENOTFOUND api.example.com



  ● resolve and test facts › failed resolving and testing file-signatures since createDepGraph throws exception with new unmanaged service

    getaddrinfo ENOTFOUND api.example.com



  ● resolve and test facts › failed resolving and testing file-signatures since getDepGraph throws exception with new unmanaged service

    getaddrinfo ENOTFOUND api.example.com



  ● resolve and test facts › failed resolving and testing file-signatures since getIssues throws exception with new unmanaged service

    getaddrinfo ENOTFOUND api.example.com

Thank you again for taking a look, approving the workflow, and providing feedback. I believe your concerns have now been addressed, so hopefully this is now ready to merge.

[candrews]

@PeterSchafer I updated this PR fixing the error in test/jest/acceptance/config.spec.ts that the test_and_release workflow discovered (npm test didn't report this error, so I didn't know about it 🤷). I also rebased it against master and resolved conflicts.

[PeterSchafer]

@candrews Thanks for the additional changes. I just triggered test_and_release again and it continues to fail. First because of a linting issue, second due to other tests still failing. Could you please run npm run format before a commit.
The failing tests should be reproducible when running the individual test targets like npm run test:unit. I hope this helps.

[candrews]

Could you please run npm run format before a commit.

I'm sorry I forgot to do that :(

The failing tests should be reproducible when running the individual test targets like npm run test:unit.

I fixed the "tap" test compilation errors. I get failures in the tests themselves, but I'm hoping that's due to my system's setup and that they pass when run in the workflow environment.

The node 12 tests is failing because Typescript no longer Node 12. Node 12 has been end of life and out of support since 30 Apr 2022 (5 months ago). Therefore I suggest Snyk stop running tests with it; I've added a commit to do so.

I don't know why the 2 windows tests, v2 / Jest Acceptance Tests (windows/amd64) and Acceptance Tests (snyk-win.exe), are failing. The tests don't have any output that indicates what the problem is. If you give me some hints as to what the problem is or how I can reproduce it, I'd be happy to do my best to fix it.

[candrews]

I found (and fixed) more race conditions in the tap tests. Can you please run the workflow so can I see if there's anything else wrong?

I continue to not know why the Windows tests faill; I am eager to get whatever information you can share about them.

[candrews]

**code/snyk (Snyk Internal (Org)) ** — 9 new Code Analysis issues found Details

I have no idea what this means. And the link goes to an access denied page.

[novalex]

I have no idea what this means. And the link goes to an access denied page.

That is a check for newly introduced vulnerabilities, but the 9 detected issues are just because of the test file changes and not actually new issues so have bypassed it.

[candrews]

I broke this PR up into a few smaller ones that are easier to review in hope of making at least some progress 🤞

[ipapast]

is this PR still relevant @candrews? or can we close it?

[candrews]

It's still relevant. Snyk's typescript dependency is still out of date and per Snyk's own documentation, having out of date dependencies is problematic for maintainbility as well as security.

[ipapast]

It's still relevant. Snyk's typescript dependency is still out of date and per Snyk's own documentation, having out of date dependencies is problematic for maintainbility as well as security.

okay then, I thought this would be done in more, smaller PRs from the comment here #3875 (comment)

[candrews]

I'd love to get this done in whatever works for Snyk - big PR or small PRs, whatever we can actually do to make progress would be great from my perspective.

If Snyk wants to do smaller PRs, can the workflows please be run for them, and then we can merge them? #4147 might be a nice starting point.

[ipapast]

I'd love to get this done in whatever works for Snyk - big PR or small PRs, whatever we can actually do to make progress would be great from my perspective.

If Snyk wants to do smaller PRs, can the workflows please be run for them, and then we can merge them? #4147 might be a nice starting point.

no problem by me, I was only going through the pull request reviews pending, and noticed the comment I mentioned. feel free to work in any way you prefer :)

[thisislawatts]

This upgrade has now been implemented as part of #5046