Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chore: update dependencies 2023-06 #89

Merged
merged 5 commits into from
Jun 27, 2023
Merged

Chore: update dependencies 2023-06 #89

merged 5 commits into from
Jun 27, 2023

Conversation

pastelmind
Copy link
Collaborator

Updates dependencies to their latest versions

  • TypeScript 5.1.3
  • Vite (fixes CVE-2023-34092)
  • Other dependencies (including Cargo)

We also remove wee_alloc to fix the GHSA-rc23-xxgq-x27g warning from dependabot. Our WASM decoder actively allocates memory while decoding images, so wee_alloc was unusable for us anyway.

@pastelmind
Update TypeScript and other devtools
2a69329 
Updates the following tools to their latest versions:

- TypeScript 5.1.3
- ESLint (and plugins)
- Prettier
- Other tools: rimraf
@pastelmind
Update Vite and other build tools
94589cc 
Updates the following tools to their latest versions:

- Vite 4.3.9 (fixes CVE-2023-34092)
- @rollup/plugin-typescript
- Vitest*

*Vitest is technically not a build tool, but depends on Vite and is
 therefore updated together.
@pastelmind
Update other dependencies
eadaca0
@pastelmind
Update Cargo dependencies
b584d83
@pastelmind
Remove wee_alloc
b936401 
wee_alloc is a security risk as of GHSA-rc23-xxgq-x27g.
Since we don't use it anyway, let's remove it.
@pastelmind pastelmind self-assigned this Jun 27, 2023
@pastelmind pastelmind added the type: maintenance General maintenance label Jun 27, 2023
@pastelmind pastelmind merged commit 7ab3f93 into main Jun 27, 2023
@pastelmind pastelmind deleted the chore-update-deps-202306 branch June 27, 2023 10:23
pastelmind added a commit that referenced this pull request Jun 27, 2023
@pastelmind
chore: fix self-reference to @webtoon/psd
7b2e12e 
During the latest round of dependency updates (#89), packages that
depend on the local version of @webtoon/psd were incorrectly updated to
point to @webtoon/psd@^0.3.0. This commit amends this oversight.
@pastelmind pastelmind mentioned this pull request Jun 27, 2023
Merged
pastelmind added a commit that referenced this pull request Jun 27, 2023
@pastelmind
Merge pull request #90 from webtoon/chore-deps-update-cleanup
d575f3d 
Follow-up for #89
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@pastelmind pastelmind

Labels
type: maintenance General maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@pastelmind