Upgrade react + related deps; upgrade react-styleguidist by wfro · Pull Request #394 · instacart/Snacks

wfro · 2020-01-13T18:19:36Z

Part 2 of 2 of resolving the CVE here: https://github.com/instacart/snacks/network/alert/yarn.lock/serialize-javascript/open

Upgrades react/react-dom from 16.4.2 => 16.12.0
- Also upgrades any deps that rely on certain versions of
  react like enzyme/react-test-renderer
Upgrades react-styleguidist from 9 => 10. This was the original
target package to upgrade since it had the outdated
serialize-javascript dependency

codecov · 2020-01-13T18:36:58Z

Codecov Report

Merging #394 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #394   +/-   ##
=======================================
  Coverage   83.84%   83.84%           
=======================================
  Files          62       62           
  Lines        1300     1300           
  Branches      230      230           
=======================================
  Hits         1090     1090           
  Misses        159      159           
  Partials       51       51

stefceror

👍

NinjaBanjo · 2020-01-13T19:16:38Z

package.json

-    "react-dom": "16.4.2",
-    "react-styleguidist": "9.0.9",
-    "react-test-renderer": "16.4.2",
+    "react": "^16.12.0",


we should prob make sure this is a minor version change, as react updating is not insignificant (bundle sizes and all)

good idea 👍 , I think this would actually somehow be the first non-patch release.

* Upgrades react/react-dom from 16.4.2 => 16.12.0. * Also upgrades any deps that rely on certain versions of react like enzyme/react-test-renderer * Upgrades react-styleguidist from 9 => 10. This was the original target package to upgrade since it had the outdated serialize-javascript dependency * Sets an explicit version of node in package.json * Updates circleci config to use node 10 (required by the newer version of react-styleguidist)

wfro · 2020-01-14T22:52:59Z

Had to rebase due to lockfile conflicts.

wfro requested review from NinjaBanjo, mmarcuccio, nathanmarks and stefceror January 13, 2020 18:36

stefceror previously approved these changes Jan 13, 2020

View reviewed changes

NinjaBanjo reviewed Jan 13, 2020

View reviewed changes

NinjaBanjo previously approved these changes Jan 13, 2020

View reviewed changes

wfro dismissed stale reviews from NinjaBanjo and stefceror via f2e8400 January 14, 2020 22:45

wfro force-pushed the will-upgrade-react branch from 5495ec5 to f2e8400 Compare January 14, 2020 22:45

wfro requested review from NinjaBanjo and stefceror January 14, 2020 22:52

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade react + related deps; upgrade react-styleguidist#394

Upgrade react + related deps; upgrade react-styleguidist#394
wfro wants to merge 1 commit intomasterfrom
will-upgrade-react

wfro commented Jan 13, 2020

Uh oh!

codecov bot commented Jan 13, 2020 •

edited

Loading

Uh oh!

stefceror left a comment

Uh oh!

NinjaBanjo Jan 13, 2020

Uh oh!

wfro Jan 13, 2020

Uh oh!

wfro commented Jan 14, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

wfro commented Jan 13, 2020

Uh oh!

codecov bot commented Jan 13, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

stefceror left a comment

Choose a reason for hiding this comment

Uh oh!

NinjaBanjo Jan 13, 2020

Choose a reason for hiding this comment

Uh oh!

wfro Jan 13, 2020

Choose a reason for hiding this comment

Uh oh!

wfro commented Jan 14, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

codecov bot commented Jan 13, 2020 •

edited

Loading