-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update electron (snyk security vulnerability fix) #9832
Conversation
npm has a |
@johnmlee101 looks like this was merged without passing tests. Please add a note explaining why this was done and remove the |
huh? |
✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. |
Yeah, I saw the green check too 🤷 |
🚀 Deployed to staging by @johnmlee101 in version: 1.1.83-1 🚀
|
🚀 Deployed to production by @chiragsalian in version: 1.1.84-13 🚀
|
Details
Went from
electron
^17.0.0 to ^17.4.5, this translated in the following changes in package-lock.json:@electron/get
1.13.1
->1.14.1
boolean:
3.1.4
->3.2.0
electron:
17.0.0
->17.4.10
The rest of the changes in package-lock.json are the
integrity
hash changingChangelog of electron v17: https://www.electronjs.org/releases/stable?version=17
It looks like it is mostly bug fixes and a few things added, but no breaking changes
Changelog of boolean: https://github.com/thenativeweb/boolean/blob/main/CHANGELOG.md
Same, bug fixes, new function added, no breaking changes
Fixed Issues
$ https://github.com/Expensify/Expensify/issues/218341
$ https://github.com/Expensify/Expensify/issues/218340
$ https://github.com/Expensify/Expensify/issues/218339
$ https://github.com/Expensify/Expensify/issues/218338
$ https://github.com/Expensify/Expensify/issues/218337
$ https://github.com/Expensify/Expensify/issues/218336
$ https://github.com/Expensify/Expensify/issues/218335
$ https://github.com/Expensify/Expensify/issues/218334
Tests
I believe this affects only the Desktop version of the App
Open the desktop app and try to make sure some main flows are still working as expected:
Send new comment in existing chat
Open new chat
Register
Log in
Add VBA
Verify that no errors appear in the JS console
PR Review Checklist
Contributor (PR Author) Checklist
### Fixed Issues
section aboveTests
sectionQA steps
sectiontoggleReport
and notonIconClick
)src/languages/*
filesSTYLE.md
) were followedAvatar
, I verified the components usingAvatar
are working as expected)/** comment above it */
displayName
propertythis
properly so there are no scoping issues (i.e. foronClick={this.submit}
the methodthis.submit
should be bound tothis
in the constructor)this
are necessary to be bound (i.e. avoidthis.submit = this.submit.bind(this);
ifthis.submit
is never passed to a component event handler likeonClick
)StyleUtils.getBackgroundAndBorderStyle(themeColors.componentBG
)Avatar
is modified, I verified thatAvatar
is working as expected in all cases)PR Reviewer Checklist
The Contributor+ will copy/paste it into a new comment and complete it after the author checklist is completed
### Fixed Issues
section aboveTests
sectionQA steps
sectiontoggleReport
and notonIconClick
).src/languages/*
filesSTYLE.md
) were followedAvatar
, I verified the components usingAvatar
have been tested & I retested again)/** comment above it */
displayName
propertythis
properly so there are no scoping issues (i.e. foronClick={this.submit}
the methodthis.submit
should be bound tothis
in the constructor)this
are necessary to be bound (i.e. avoidthis.submit = this.submit.bind(this);
ifthis.submit
is never passed to a component event handler likeonClick
)StyleUtils.getBackgroundAndBorderStyle(themeColors.componentBG
)Avatar
is modified, I verified thatAvatar
is working as expected in all cases)QA Steps
We should tell applause to be on the look out for bugs this may have caused in the desktop version
Screenshots
Web
Mobile Web
Desktop
iOS
Android