Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add resolution to fix security altert #181

Closed
wants to merge 1 commit into from
Closed

Conversation

curquiza
Copy link
Member

@curquiza curquiza commented Dec 9, 2020

Does not work for the moment 😒

  • Build -> βœ…
  • Manual tests in the browser -> βœ…
  • Automatic tests -> ❌

@curquiza curquiza added dependencies Pull requests that update a dependency file skip-changelog The PR will not appear in the release changelogs labels Dec 9, 2020
@bidoubiwa
Copy link
Contributor

This is a vulnerability that has been fixed in jest v24 linked to this PR jestjs/jest#7497. As this resolves the vulnerabilities, the tests fails for another reason:

Jest version 24 uses Babel 7:
https://jestjs.io/blog/2019/01/25/jest-24-refreshing-polished-typescript-friendly#typescript-support

But we use a previous version that is not compatible with jest v24.

To fix this problem properly we should consider upgrading jest to v24 or higher and babel to version 7.

@curquiza
Copy link
Member Author

I close this PR then! Thanks @bidoubiwa for the investigation!

@curquiza curquiza closed this Dec 10, 2020
@curquiza curquiza deleted the fix-security-alert branch January 14, 2021 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file skip-changelog The PR will not appear in the release changelogs
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants