@silverwind silverwind commented Jan 18, 2022

  • Update all JS dependencies
  • Add new lint rules
  • Rebuilds SVGs
  • Tested Monaco and Mermaid

Results in a reduction of 60 JS dependencies.

- Update all JS dependencies
- Add new lint rules
- Regenerate SVGs
- Tested Monaco and Mermaid
@silverwind silverwind changed the title Update JS dependencies Update JS dependencies, remove eslint-plugin-github Jan 18, 2022
@silverwind
Member Author

Also included the removal of eslint-plugin-github. It brings a heavyweight typescript dependency and I have a feeling half the rules don't even work properly or are duplicates, as in the case of for-each, which I've now enabled from the unicorn plugin instead.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 18, 2022
@silverwind
Member Author

This also includes two security-related fixes:

  • mermaid: fix: bug #2632 Fix for XSS vulnerability in classDiagrams @knsvz
  • monaco-editor: adds support for highlighting non basic ASCII, invisible or ambiguous unicode characters.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 18, 2022
@zeripath
Contributor

> This also includes two security-related fixes:
>
>   • mermaid: fix: bug #2632 Fix for XSS vulnerability in classDiagrams @knsvz
>   • monaco-editor: adds support for highlighting non basic ASCII, invisible or ambiguous unicode characters.

I thought we had fixes for these in already?

@silverwind
Member Author

mermaid had another vulnerability
monaco also had something about BIDI in the previous version, seems like a followup

@zeripath zeripath added this to the 1.16.0 milestone Jan 18, 2022
@zeripath zeripath added the topic/build PR changes how Gitea is built, i.e. regarding Docker or the Makefile label Jan 18, 2022
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 18, 2022
@wxiaoguang wxiaoguang merged commit 8156e0f into go-gitea:main Jan 18, 2022
@silverwind silverwind deleted the deps-31 branch January 18, 2022 15:27
zjjhot added a commit to zjjhot/gitea that referenced this pull request Jan 19, 2022
* giteaoffical/main:
  Restore propagation of ErrDependenciesLeft (go-gitea#18325)
  Fix PR comments UI (go-gitea#18323)
  Make the height of the editor in Review Box smaller (4 lines as GitHub) (go-gitea#18319)
  Fix commit links on compare page (go-gitea#18310)
  Update JS dependencies, remove eslint-plugin-github (go-gitea#18317)
  Add MirrorUpdated field to Repository API type (go-gitea#18267)
  replace satori/go.uuid with gofrs/uuid (go-gitea#18311)
  Place inline diff comment dialogs in the 4th column. (go-gitea#18321)
  Use indirect comparison when showing pull requests (go-gitea#18313)
  Prevent ambiguous column error in organizations page (go-gitea#18314)
  Correctly upload LFS files (go-gitea#18316)
  [skip ci] Updated translations via Crowdin
  update description about vendoring in CONTRIBUTING.md (go-gitea#18280)
  Fix CheckRepoStats and reuse it during migration (go-gitea#18264)
  Minor tweak to tag list (go-gitea#18295)
Chianina pushed a commit to Chianina/gitea that referenced this pull request Mar 28, 2022
- Update all JS dependencies
- Add new lint rules
- Regenerate SVGs
- Tested Monaco and Mermaid
* Remove eslint-plugin-github
@go-gitea go-gitea locked and limited conversation to collaborators Apr 28, 2022