Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Maintenance: Security updates #102

Merged
merged 2 commits into from
Sep 20, 2023
Merged

Maintenance: Security updates #102

merged 2 commits into from
Sep 20, 2023

Conversation

MKodde
Copy link
Member

@MKodde MKodde commented Sep 20, 2023
edited
Loading

  1. Yarn & Composer updates installed
  2. Upgraded Webpack Encore from v1 to 4

@MKodde
Install composer updates
d3aed6a 
And ran composer bump to also update the composer.json package version
to reflect the actually installed package versions.
@MKodde
Copy link
Member Author

MKodde commented Sep 20, 2023
edited
Loading

The security updates are now breaking the unit and accpetance tests

I've investigated on my dev env and the following things are in the way:

  1. Chrome and or Chromedriver is not installed correctly. Ive fixed this on my dev machine. But it takes some more effort to land those changes in this project. And should not be part of this PR
  2. Behat tests fail on Symfony errors that the ErrorController is fishing services directly from the container using $this->get. That should be fixed in the stepup-bundle. Also not for this PR.

I feel OK to move forward with this, and tag it pre-release for now. We are about to overhaul this project and upgrade it to SF 5/6. So putting in this work now seems illogical.

@MKodde MKodde requested a review from phavekes September 20, 2023 07:10
phavekes
phavekes reviewed Sep 20, 2023
View reviewed changes
webpack.config.js Outdated
.addLoader({ test: /\.scss$/, loader: 'import-glob-loader' })
.addLoader({test: /\.scss$/, loader: 'webpack-import-glob-loader'})
.configureLoaderRule('eslint', loaderRule => {
loaderRule.test = /\.(jsx?|vue)$/
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does this do?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for pointing this out.

To answer your question. This loads eslint and configures it to mark jsx and vue files a test resources

And that is completely out of scope for this project. Removed this loader.

FYI This code came from another stepup project where we already upgraded to Encore 4. So I yanked some of the updated config from there. But kept a bit too much 😊

phavekes
phavekes reviewed Sep 20, 2023
View reviewed changes
package.json Outdated
"compass-mixins": "^0.12.10",
"@babel/core": "^7.20.5",
"@babel/preset-env": "^7.20.2",
"@symfony/webpack-encore": "^4", "compass-mixins": "^0.12.10",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indent error?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, fixed that 👍

@MKodde MKodde force-pushed the maintenance/security-updates branch 2 times, most recently from 8957d69 to d5c7194 Compare September 20, 2023 09:17
@MKodde MKodde force-pushed the maintenance/security-updates branch from d5c7194 to b72de0f Compare September 20, 2023 09:26
@MKodde MKodde merged commit 616b142 into develop Sep 20, 2023
@MKodde MKodde deleted the maintenance/security-updates branch September 20, 2023 09:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phavekes phavekes phavekes left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MKodde @phavekes