Skip to content

Bump dependencies #426

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
compulim merged 9 commits into from
Sep 23, 2024
Merged

Bump dependencies #426

compulim merged 9 commits into from
Sep 23, 2024

Conversation

@compulim
Copy link
Collaborator

@compulim compulim commented Sep 10, 2024
edited
Loading

Changelog

Changed

Description

Specific changes

  • npm install botframework-streaming@latest --save-exact
  • npm audit fix
    • We are relying restify for testing and it is referencing a vulnerable version of path-to-regexp. It is okay for now as the attack vector won't hit production. But we should move away from restify if it doesn't update in a while
  • Updated tests to use EchoBot
  • PR validation check will now run against Node.js 20.x and 22.x in additional to 18.x

@compulim compulim marked this pull request as ready for review September 10, 2024 20:03
@compulim compulim requested a review from a team as a code owner September 10, 2024 20:03
@compulim compulim changed the title Bump deps Bump dependencies Sep 19, 2024
@compulim compulim merged commit d078f33 into master Sep 23, 2024
@compulim compulim deleted the bump-deps branch September 23, 2024 18:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tracyboehrer tracyboehrer tracyboehrer approved these changes

@OEvgeny OEvgeny OEvgeny approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@compulim @tracyboehrer @OEvgeny