Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ attempting to force node-fetch to be 2.6.7 or higher #244

Merged
merged 1 commit into from
Mar 23, 2022
Merged

⬆️ attempting to force node-fetch to be 2.6.7 or higher #244

merged 1 commit into from
Mar 23, 2022

Conversation

maschad
Copy link
Contributor

@maschad maschad commented Mar 18, 2022
edited
Loading

@maschad maschad force-pushed the upgrade-vulnerability-cross-fetch branch from c835f05 to f1b449c Compare March 18, 2022 19:32
@codecov-commenter
Copy link

Codecov Report

Merging #244 (f1b449c) into master (8662752) will decrease coverage by 0.73%.
The diff coverage is 83.33%.

@@            Coverage Diff             @@
##           master     #244      +/-   ##
==========================================
- Coverage   38.41%   37.67%   -0.74%     
==========================================
  Files         131      131              
  Lines        4844     4809      -35     
  Branches     1010     1003       -7     
==========================================
- Hits         1861     1812      -49     
- Misses       2728     2746      +18     
+ Partials      255      251       -4
Impacted Files Coverage Δ
...s/wallet/src/remote-signers/guard-remote-signer.ts 33.33% <75.00%> (ø)
packages/relayer/src/rpc-relayer/index.ts 12.50% <80.00%> (ø)
packages/api/src/index.ts 92.30% <100.00%> (ø)
packages/indexer/src/index.ts 50.00% <100.00%> (ø)
packages/metadata/src/index.ts 66.66% <100.00%> (ø)
packages/auth/src/index.ts 66.66% <0.00%> (-33.34%) ⬇️
...ges/multicall/src/providers/provider-middleware.ts 42.85% <0.00%> (-28.58%) ⬇️
packages/multicall/src/multicall.ts 47.14% <0.00%> (-12.36%) ⬇️
packages/multicall/src/utils.ts 34.61% <0.00%> (-11.54%) ⬇️
...kages/multicall/src/providers/external-provider.ts 41.17% <0.00%> (-11.00%) ⬇️
... and 1 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bed5950...f1b449c. Read the comment docs.

@attente
Copy link
Contributor

attente commented Mar 18, 2022
edited
Loading

I wonder if switching to isomorphic-fetch is going to be an issue for you in React Native:

2022-03-18 16:11:41-04:00

The issue in question: matthew-andrews/isomorphic-fetch#125. Seems like it was closed without resolution.

@pkieltyka
Copy link
Member

Good news if that node 17 implements native support for fetch() so it’s a matter of time before we can do without any of these polyfill libs

Sounds like we should stick to cross-fetch and upgrade to the latest major, as well node-fetch if it’s a sub-deb. Using the latest majors of both should work just fine

@maschad maschad force-pushed the upgrade-vulnerability-cross-fetch branch 3 times, most recently from fd20856 to 15f011c Compare March 22, 2022 18:58
@maschad maschad force-pushed the upgrade-vulnerability-cross-fetch branch from 15f011c to 55ddb43 Compare March 22, 2022 19:00
@maschad maschad merged commit c7d05e6 into master Mar 23, 2022
@maschad maschad deleted the upgrade-vulnerability-cross-fetch branch March 23, 2022 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@attente attente Awaiting requested review from attente

@pkieltyka pkieltyka Awaiting requested review from pkieltyka

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@maschad @codecov-commenter @attente @pkieltyka