Commit Graph

29 Commits

Author SHA1 Message Date
Stephen Compall
4462a0b873
remove unneeded yarn resolutions (#14714)
* regenerate yarn lock

CHANGELOG_BEGIN
CHANGELOG_END
2022-08-16 11:30:31 -04:00
Stephen Compall
b1ca1d7aa8
Address async security advisory (#14595)
- CVE-2021-43138

CHANGELOG_BEGIN
CHANGELOG_END
2022-08-03 10:08:17 -04:00
dependabot[bot]
ba81b90119
Bump grunt from 1.4.0 to 1.5.3 (#14594) 2022-08-02 15:44:04 +00:00
Stephen Compall
74fd30a43b
Address root package.json security advisories (#14586)
- CVE-2021-42740
- CVE-2022-25878

CHANGELOG_BEGIN
CHANGELOG_END
2022-08-02 11:02:54 -04:00
Stefano Baghino
9fef07a02a
Address CVE-2021-44906 (#13376)
changelog_begin
changelog_end
2022-03-23 09:27:15 +00:00
Victor Peter Rouven Müller
2617213251
Fix dependabot alert for glob-parent (#12890)
* Fix dependabot alert for glob-parent

changelog_begin
changelog_end

* Also update the yarn lock file after making changes xD
2022-02-11 12:58:37 +00:00
Victor Peter Rouven Müller
c0c40bd10f
Add autoformatting to ts bindings & navigator frontend (#12693)
* Add autoformatting for the ts&tsx files (typescript effectively)

changelog_begin
changelog_end

* Format ts files

* Fix ts linter warnings
2022-02-11 11:44:52 +00:00
Moritz Kiefer
f07791e580
Upgrade typescript and typedoc (#12457)
Typedoc has a peer dep on typescript so we need to bump both.

changelog_begin
changelog_end
2022-01-18 15:52:39 +01:00
Moritz Kiefer
dd09c38f4a
Upgrade rules-nodejs (#11290)
I got confused by an error and thought I might as well debug it on the
latest version instead of debugging it on 3.5.1.

changelog_begin
changelog_end
2021-10-19 14:13:55 +00:00
Stefano Baghino
9ed1eb3ce3
Address security notice on ansi-regex (#11243)
* Address security notice on `ansi-regex`

Addressed this via resolution of `chalk` on a common version
which seems close enough to other old versions not to break
anything (tested manually) while removing the `ansi-regex`
transitive dependency that causes our daily builds to break.

Also removed `package-lock.json` since we are using `yarn`.

changelog_begin
changelog_end
2021-10-14 11:15:34 +00:00
Moritz Kiefer
91be1e1659
Drop matchdep dependency from docs build (#11023)
We really don’t need 600 lines of mostly deprecated and unmaintained
dependencies which get flagged by blackduck & dependabot if we can
inline this into a static array which we never changed since we first
added the docs.

changelog_begin
changelog_end
2021-09-27 09:48:00 +02:00
Moritz Kiefer
cd2fda6f3e
Fix broken package.json config (#10044)
Duplicate field names are not good

changelog_begin
changelog_end
2021-06-17 14:34:49 +02:00
Moritz Kiefer
85667af7be
Address npm vulnerabilities (#9978)
Nothing sensible we can do about ws than force a newer version. It’s
pulled in via transitive deps that don’t have newer versions yet.

For glob-parent we can do something more sensible by bumping grunt-browserify.

changelog_begin
changelog_end
2021-06-14 08:07:52 +00:00
Moritz Kiefer
cae429237e
Upgrade rules-nodes to version 3.5.0 (#9635)
* Upgrade rules-nodes to version 3.4.2

No particularly strong reason for doing that. I just like staying up2date.

changelog_begin
changelog_end

* Patch Windows

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end

* .

changelog_begin
changelog_end
2021-05-25 16:04:39 +02:00
Moritz Kiefer
5c28de36cb
Upgrade grunt to address cve (#9611)
changelog_begin
changelog_end
2021-05-07 08:29:52 +00:00
Moritz Kiefer
642385a692
Upgrade elliptic dependency to address vulnerabilities (#9055)
* Upgrade elliptic dependency to address vulnerabilities

This PR bumps our already existing resolution on elliptic to address a
security issue.

I don’t believe in keeping deps at arbitrarily outdated versions so
this PR fully regenerates the yarn.lock files.

changelog_begin
changelog_end

* Apparently upgrading Navigator is bad

changelog_begin
changelog_end
2021-03-09 14:44:10 +01:00
Moritz Kiefer
0ff3804266
Upgrade bl to address security vulnerability (#7312)
I’ve removed dockerode which we don’t seem to use and which depends on
a bunch of outdated versions in particular bl 1.x transitively.

changelog_begin
changelog_end
2020-09-03 09:49:06 +00:00
Moritz Kiefer
5668576b78
Upgrade rules-nodejs to the latest release (#6870)
changelog_begin
changelog_end
2020-07-27 16:50:23 +00:00
Brian Healey
6ad3279bbd
upgrade elliptic version to address vulnerability (#6459)
* upgrade elliptic version to address vulnerability

* Revert "upgrade elliptic version to address vulnerability"

This reverts commit dbf19c32

* upgrade elliptic version to address vulnerability

CHANGELOG_BEGIN
CHANGELOG_END
Signed-off-by: Brian Healey <brian.healey@digitalasset.com>

* Use range for elliptic rather than specific version
2020-06-23 12:00:01 -04:00
Brian Healey
d0304fb7aa
Upgrade yarn dependencies (#6300)
* upgrade npm libraries to address security vulnerabilities

CHANGELOG_BEGIN
Address npm library versions to address potential security
vulnerabilities
CHANGELOG_END
Signed-off-by: Brian Healey <brian.healey@digitalasset.com>

* format bazel
2020-06-11 13:36:40 -04:00
Moritz Kiefer
7c031f25f7
Upgrade rules_nodejs to version 1.6.0 (#5539)
* Upgrade rules_nodejs to version 1.6.0

closes #5367

This includes the fixes for the issues in jest that we’ve been seeing.

changelog_begin
changelog_end

* Fix eslint rules

* A bit of progress

* Try to add LinkablePackageInfo (doesn’t seem to work yet)

* Add rootDirs

* revert da_ts_library

* da_ts_library: add LinkablePackageInfo info

* Remove react hook workaround

Since rules_nodejs 1.6.0 this fails with the following error:
```
  ● Test suite failed to run

    Configuration error:

    Could not locate module react mapped as:
    /.../execroot/com_github_digital_asset_daml/bazel-out/k8-opt/bin/language-support/ts/daml-react/test.sh.runfiles/com_github_digital_asset_daml/node_modules/react/umd/react.development.js.

    Please check your configuration for these entries:
    {
      "moduleNameMapper": {
        "/^react$/": "/.../execroot/com_github_digital_asset_daml/bazel-out/k8-opt/bin/language-support/ts/daml-react/test.sh.runfiles/com_github_digital_asset_daml/node_modules/react/umd/react.development.js"
      },
      "resolver": null
    }

      49 | // like a promis without being one.
      50 | /* eslint-disable @typescript-eslint/no-floating-promises */
    > 51 | var react_1 = __importStar(require("react"));
         |                            ^
      52 | var react_hooks_1 = require("@testing-library/react-hooks");
      53 | var index_1 = __importStar(require("./index"));
      54 | var events_1 = require("events");

      at createNoMappedModuleFoundError (../../../../../../../../../../../node_modules/jest-resolve/build/index.js:501:17)
      at Object.<anonymous> (index.test.js:51:28)

Test Suites: 1 failed, 1 total
Tests:       0 total
Snapshots:   0 total
Time:        1.88s
Ran all test suites within paths "language-support/ts/daml-react/DamlLedger.d.ts", "language-support/ts/daml-react/DamlLedger.js", "language-support/ts/daml-react/context.d.ts", "language-support/ts/daml-react/context.js", "language-support/ts/daml-react/hooks.d.ts", "language-support/ts/daml-react/hooks.js", "language-support/ts/daml-react/index.d.ts", "language-support/ts/daml-react/index.js", "language-support/ts/daml-react/index.test.d.ts", "language-support/ts/daml-react/index.test.js".
=
```

* rootDirs is not needed for tsc

This is only required for ts_project

* Update yarn Bazel packages

* docs/theme add missing dependencies

* Remove unused attribute module_root

Co-authored-by: Andreas Herrmann <andreas.herrmann@tweag.io>
2020-04-17 12:03:33 +00:00
Robin Krom
2e9fe6afb6
language: add daml-react package to ts libraries (#4259)
* language: add daml-react package to ts libraries

This adds the library formerly known as `daml-react-hook` into the
monorepo. We renamed it to `@daml/react`.

The tests sadly don't work with bazel right now because the local
imports aren't resolved correctly. Local testing with `yarn run test`
works as usual.

CHANGELOG_BEGIN
CHANGELOG_END

* address moritz comments

* get rid of DAVL mentions

* fix eslint warnings

* Update language-support/ts/daml-react/tsconfig.json

Co-Authored-By: Martin Huschenbett <martin.huschenbett@posteo.me>

Co-authored-by: Martin Huschenbett <martin.huschenbett@posteo.me>
2020-01-29 15:37:47 +01:00
Robin Krom
0a26591849
upgrading to newest nodejs_rules (#4057)
* upgrading to newest nodejs_rules

CHANGELOG_BEGIN
CHANGELOG_END

* addressing andreas comments
2020-01-16 15:55:32 +01:00
Stefano Baghino
9130fa8d68 Rename dummy package to prevent wrong interpretation (#2920) 2019-09-16 15:53:23 +00:00
Andreas Herrmann
df7bff6288 Update to bazel-0.27 (#1957)
* Bazel: 0.24.0 -> 0.27.0

* Update rules_haskell for Bazel 0.27 compatibility

* Update bazel-deps and bazel-watcher

* Windows escape JVM flags

* load commands at top of .bzl file

Bazel 0.27 no longer allows load commands that are not at the beginning
of the file.

* Update Bazel rules

* subpackage boundary

* native is not defined in BUILD files

* yarn: @bazel/hide-bazel-files

Seems to be required since latest rules_nodejs version. Otherwise, yarn
fails with errors about existing BUILD or BUILD.bazel files.

* grpc-java plugin visibility

* Update fat_cc_library

* Nix Python3 toolchain

* Iteration over depset

* dev_env_package: Create symlinks one level deeper

To prevent symlinking the BUILD file as well. The nested BUILD file
confuses Bazel as of 0.27 and rules_nodejs cannot find the node
executable anymore.

* Update rules_nodejs

* Add managed_directories for node_modules

* hie-bios: Extract bazel-genfiles from bazel info

Bazel 0.27 changed the genfiles location which breaks the hie-core test
on macOS.

* update cc_wrapper to Bazel 0.27

* bazel info -> bazel info bazel-genfiles

* Fix typo in BUILD

Co-Authored-By: Stefano Baghino <43749967+stefanobaghino-da@users.noreply.github.com>
2019-07-05 14:04:47 +00:00
Brian Healey
a3faea1c9d upgrade versions for yarn audit (#1560) 2019-06-07 14:53:26 +00:00
Stefano Baghino
7ac438e87b
Remove //language-support/js (#691)
The JavaScript ecosystem support is being spun off in its own
repository. The new home is https://github.com/digital-asset/daml-js

For further details, here is the counterpart issue in the new repo:

https://github.com/digital-asset/daml-js/issues/1
2019-04-25 14:30:25 +02:00
Stefano Baghino
fa5c704e7e
Map Protobuf's 64 bit integers to strings in JS (#324) 2019-04-09 15:19:32 +02:00
Digital Asset GmbH
05e691f558 open-sourcing daml 2019-04-04 09:33:38 +01:00