Skip to content

js: Update mocha 7 => 9, drop Node.js v8 support#901

Merged
vixentael merged 3 commits into
cossacklabs:masterfrom
ilammy:bump-more-deps
Feb 7, 2022
Merged

js: Update mocha 7 => 9, drop Node.js v8 support#901
vixentael merged 3 commits into
cossacklabs:masterfrom
ilammy:bump-more-deps

Conversation

@ilammy
Copy link
Copy Markdown
Collaborator

@ilammy ilammy commented Feb 7, 2022
edited
Loading

You'd be laughing, but there's more! Dependabot decided to remind me about CVE-2021-3807 which got fixed in October.

Updating mocha lets us update transitive dependency on ansi-regex to fix a potential security vulnerability stop npm audit whining. This also updates all sorts of other stuff, but I can't do anything about JS ecosystem being braindead, sorry. (Though, I'm surprised that jumping over a major version did not break anything that much.)

One thing that did break is support for Node.js v8 for running tests. Node.js v8 has been EOL since 2020, we only keep testing for it because it did not require maintenance on our part. Well, now our transitive development dependencies require at least Node.js v10, so that's our new minimum supported version then.

JsThemis and WasmThemis have a chance to be still working with older Node.js (even before v8), but we don't test that now.

Checklist

  • Change is covered by automated tests
  • The coding guidelines are followed
  • Changelog is updated (in case of notable or breaking changes)

ilammy added 3 commits February 7, 2022 10:20
@ilammy
wasm: Update mocha 7 => 9
61614cf 
This lets us update transitive dependency on ansi-regex to fix
a potential security vulnerability^W^W^W^W^W stop npm audit whining.
This also updates all sorts of other stuff, but I can't do anything
about JS ecosystem being braindead, sorry.
@ilammy
jsthemis: Update mocha 7 => 9
e64af06
@ilammy
node.js: Drop support for Node.js v8
7d4edc0 
Node.js v8 has been EOL since 2020, we only keep testing for it because
it did not require maintenance on our part. Well, now our transitive
development dependencies require at least Node.js v10, so that's our
new minimum supported version then.

JsThemis and WasmThemis have a chance to be still working with older
Node.js (even before v8), but we don't test that now.
@ilammy ilammy added compatibility Backward and forward compatibility, platform interoperability issues, breaking changes W-WasmThemis 🌐 Wrapper: WasmThemis, JavaScript API, npm packages W-JsThemis 🍭 Wrapper: JsThemis for Node.js, JavaScript API, npm packages dependencies Pull requests that update a dependency file labels Feb 7, 2022
@ilammy ilammy added this to the 0.15.0 milestone Feb 7, 2022
@ilammy ilammy requested a review from vixentael as a code owner February 7, 2022 01:43
@vixentael
Copy link
Copy Markdown
Contributor

vixentael commented Feb 7, 2022

stop npm audit whining

ahha.

bye-bye Nodejs v8 ✋

@vixentael vixentael merged commit 425ec5e into cossacklabs:master Feb 7, 2022
@vixentael vixentael deleted the bump-more-deps branch February 7, 2022 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vixentael vixentael vixentael approved these changes

Assignees

No one assigned

Labels

compatibility Backward and forward compatibility, platform interoperability issues, breaking changes dependencies Pull requests that update a dependency file W-JsThemis 🍭 Wrapper: JsThemis for Node.js, JavaScript API, npm packages W-WasmThemis 🌐 Wrapper: WasmThemis, JavaScript API, npm packages

Projects

None yet

Milestone

0.15.0

Development

Successfully merging this pull request may close these issues.

2 participants

@ilammy @vixentael