Skip to content

upgrade vsce to 1.93.0 #207

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 24, 2021
Merged

upgrade vsce to 1.93.0 #207

merged 1 commit into from
Jun 24, 2021

Conversation

SethTisue
Copy link
Member

@SethTisue SethTisue commented Jun 22, 2021
edited
Loading

motivation: this also upgrades underscore, which Dependabot has been sending us a security alert about (CVE-2021-23358)

@SethTisue
upgrade vsce to 1.93.0
78f14d0 
motivation: this also upgrades underscore, which Dependabot has
been sending us a security alert about (CVE-2021-23358)
@SethTisue
Copy link
Member Author

SethTisue commented Jun 22, 2021
edited
Loading

note that I have no idea what I'm doing here, I'm just blindly trying to get the security alert to go away. I bumped the vsce version in package.json and ran yarn install

hopefully somebody who actually knows their way around this repo can decide if this is actually mergeable...?

tgodzik
tgodzik reviewed Jun 23, 2021
View reviewed changes
package.json
@@ -53,7 +53,7 @@
"rimraf": "^3.0.2",
"ts-node": "^9.0.0",
"typescript": "^4.0.2",
"vsce": "^1.79.5",
"vsce": "^1.93.0",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should be ok to upgrade, we have never had any issues with vsce in the Metals extension.

MaximeKjaer
MaximeKjaer approved these changes Jun 24, 2021
View reviewed changes
Copy link
Contributor

@MaximeKjaer MaximeKjaer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. I looked through the vsce commits since 1.79.5, but it doesn't look like anything major that we depend on has changed. Updating should be fine.

@MaximeKjaer MaximeKjaer merged commit 99868aa into scala:main Jun 24, 2021
@SethTisue SethTisue deleted the vsc-1.93.0 branch June 24, 2021 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MaximeKjaer MaximeKjaer MaximeKjaer approved these changes

@tgodzik tgodzik tgodzik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SethTisue @MaximeKjaer @tgodzik