Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update tedious package #265

Merged
merged 3 commits into from
Jan 24, 2023
Merged

Update tedious package #265

merged 3 commits into from
Jan 24, 2023

Conversation

DrKittens
Copy link
Contributor

@DrKittens DrKittens commented Jan 12, 2023
edited
Loading

Latest version resolves a critical bug around xml dom.

Ref: GHSA-crh6-fp67-6883

Currently still testing impacts of this major version change but it hasnt broken my MariaDB connection for the app or SSJS so far.

*Testing on RHEL9 NOT WINDOWS so could be OS specific breakage i'd miss.

This is probably low-priority for the project as i dont think we do anything with untrusted XML.

werewolfboy13
werewolfboy13 requested changes Jan 13, 2023
View reviewed changes
Copy link
Collaborator

@werewolfboy13 werewolfboy13 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs more testing before PR can be pushed as this is a major version bump.

@werewolfboy13 werewolfboy13 marked this pull request as draft January 13, 2023 21:24
@DrKittens DrKittens mentioned this pull request Jan 15, 2023
Merged
@ect0s
Copy link
Contributor

ect0s commented Jan 24, 2023

I think our dependence on Tedious is due to Sequelize, and its an optional dependency there if I'm reading yarn info correctly.

@werewolfboy13 I know you may hesitate, but this should a low impact.

@werewolfboy13
Copy link
Collaborator

I think our dependence on Tedious is due to Sequelize, and its an optional dependency there if I'm reading yarn info correctly.

@werewolfboy13 I know you may hesitate, but this should a low impact.

I just want nothing to break, if it's optional should be fine. I'll push this on my internal tools and see what happens. This will occur in a couple days or so.

@werewolfboy13 werewolfboy13 marked this pull request as ready for review January 24, 2023 02:10
@ect0s ect0s merged commit c5c3255 into Team-Silver-Sphere:master Jan 24, 2023
@Thomas-Smyth Thomas-Smyth changed the title [Tedious] Update to latest version from v9.2.1 Update tedious package Feb 12, 2023
@Thomas-Smyth Thomas-Smyth added minor Minor Change core feature request Feature request related to the core SquadJS API labels Feb 12, 2023
@DrKittens DrKittens deleted the tedious branch August 3, 2023 15:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@werewolfboy13 werewolfboy13 werewolfboy13 approved these changes

@ect0s ect0s ect0s approved these changes

Assignees
No one assigned
Labels
core feature request Feature request related to the core SquadJS API minor Minor Change
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@DrKittens @ect0s @werewolfboy13 @Thomas-Smyth