Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency updates #1376

Open
wants to merge 14 commits into
base: master
Choose a base branch
from
Open

Dependency updates #1376

wants to merge 14 commits into from

Conversation

Apollon77
Copy link
Contributor

@Apollon77 Apollon77 commented Oct 21, 2024
edited
Loading

Pull Request Template

PR Checklist

  • I have run npm test locally and all tests are passing.
  • I have added/updated tests for any new behavior.
  • If this is a significant change, an issue has already been created where the problem / solution was discussed: [N/A, or add link to issue here]

PR Description

This Pr is doing one bigger round of dependency updates for all dependencies that do not have breaking changes and so could be released. The PR can be reviewed by commit (ok the last commits are a bit experimental because of a mem issue popped up in tests on node.js 18).

It does

  • Cleanup package-locks and removes package-locks in sub packages where they should not exist. npm install is only allowed to be run on root level!
  • Remove "gitHead" entry in package.json which should not be there and seems to be a leftover from a crashed lerna publish process
  • Add workspaces definition in main package.json because "lerna bootstrap" is no longer supported and replaced by this.
  • Updates all dependencies that can be easiely updated without braking changes. I will craete issues for the rest of the deps to do them one by one later or by users that can oversee the changes needed (eg. for Mongodb)
  • Adjusts jest configuration as needed by dep upgrade
  • Adjusts code for eslint changes
  • Adds Node.js 20 and 22 for github tests, remove node.js 14
  • Fixes one case where a promise was potentially resolved twice - see change in packages/node-nlp/src/recognizer/recognizer.js
  • Fixes one case where if-else was wrong order. This could change behavior - see change in packages/lang-ko/src/korean-conjugation.js
  • closes Patch for XLSX vulnerability #1371 ...

@Apollon77 Apollon77 mentioned this pull request Oct 21, 2024
Open
3 tasks
@Apollon77
Copy link
Contributor Author

Hm ... I can not get the tests in nodejs 18 (likely 16 too) stable .. they always produce OOM :-(
https://github.com/axa-group/nlp.js/actions/runs/11437900724/job/31818383309#step:6:1763

@Apollon77
chore: downgrade microsoft dep again
e5c4eab
@Apollon77
tests: revert some changes
b86a1db 
mow that we now that the microsoft dep was the mem reason
@Apollon77
Copy link
Contributor Author

Ha, it was the one microsoft dependency .. wow ... ok, reverted and fine now

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 21, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Apollon77