Update expect to 28 #12
Conversation
It no longer passes typescript check during build
|
Expect 29 is out https://www.npmjs.com/package/expect |
|
Yeah, I thought we might want to have both 28 and 29, so I was going to take it one step at a time. Not sure if that's what @yannbf wants to do or not, though. |
|
Hey peeps, just to give you some updates, there are a few typescript issues from this change. We are trying to figure out how to fix them. |
|
I gave up on trying to do anything fancy here. I think that there's still a bit of a typescript incompatibility between jest globals, expect, and jest-dom. But, this at least unblocks us and I tested it out in my own project and the types are working now. @yannbf I'd love if we could get some upgraded jest/expect out there with 7.0, so we can stop hacking around |
|
Hey @IanVS thanks a lot, I will discuss with the team and take a look at this as soon as I can! <3 |
|
Hi, I'd really love to get expect updated. Is there a chance anyone can take a look at it? |
|
@yannbf and I should discuss and get this sorted. |
|
New dependency changes detected. Learn more about Socket for GitHub ↗︎ 🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again. Bot CommandsTo ignore an alert, reply with a comment starting with
|
| Package | Eval Type | Location | Source |
|---|---|---|---|
| @sinclair/[email protected] (upgraded) | Function | conditional/structural.js | package.json via @types/[email protected], [email protected] |
| @yarnpkg/[email protected] (added) | Function | index.js | package.json via [email protected] |
| @yarnpkg/[email protected] (added) | Function | index.js | package.json via [email protected] |
⚠️ New author
A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
| Package | New Author | Previous Author | Source |
|---|---|---|---|
| [email protected] (added) | bmishkin | square | package.json via [email protected] |
Pull request alert summary
| Issue | Status |
|---|---|
| Install scripts | ✅ 0 issues |
| Native code | ✅ 0 issues |
| Bin script confusion | ✅ 0 issues |
| Bin script shell injection | ✅ 0 issues |
| Shell access | ✅ 0 issues |
| Uses eval | |
| Unresolved require | ✅ 0 issues |
| Invalid package.json | ✅ 0 issues |
| HTTP dependency | ✅ 0 issues |
| Git dependency | ✅ 0 issues |
| GitHub dependency | ✅ 0 issues |
| New author | |
| Potential typo squat | ✅ 0 issues |
| Known Malware | ✅ 0 issues |
| Telemetry | ✅ 0 issues |
| Protestware/Troll package | ✅ 0 issues |
📊 Modified Dependency Overview:
| ➕ Added Package | Capability Access | +/- Transitive Count |
Publisher |
|---|---|---|---|
| [email protected] | eval, filesystem, environment | +15 |
ds300 |
| ⬆️ Updated Package | Version Diff | Added Capability Access | +/- Transitive Count |
Publisher |
|---|---|---|---|---|
| @types/[email protected] | 29.5.0...28.1.3 | eval | +7/-12 |
types |
| [email protected] | 27.5.1...28.1.3 | None | +11/-10 |
simenb |
I also removed the typecast, but I'm not certain if that will cause problems. It seems like we shouldn't be changing the type, if all we're doing is re-exporting a version of the package that works in the browser.