chore(#864-2): change instanbul to nyc for coverage on all projects #232
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
mdebarros
commented
Aug 20, 2021
mdebarros
commented
- Removed istanbul dependency + npm script
- Added .nycrc.yml with commented out standard Mojaloop code-coverage milestones - Added Todo in README.md with note about future code-coverage improvements - Updated test:coverage & test:coverage-check script in package.json - removed unnecessary configs defined in the .nycrc.yml - Minor bump to patch level to reflect dependency updates - Fixed audit-resolve issues: ```text -------------------------------------------------- tar needs your attention. [ high ] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization vulnerable versions <3.2.2 || >=4.0.0 <4.4.14 || >=5.0.0 <5.0.6 || >=6.0.0 <6.1.1 found in: - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar [ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning vulnerable versions <3.2.3 || >=4.0.0 <4.4.15 || >=5.0.0 <5.0.7 || >=6.0.0 <6.1.2 found in: - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar -------------------------------------------------- path-parse needs your attention. [ moderate ] Regular Expression Denial of Service in path-parse vulnerable versions <1.0.7 found in: - dependencies: proxyquire>resolve>path-parse ``` > Outcome: Fixed ```text -------------------------------------------------- yargs-parser needs your attention. [ low ] Prototype Pollution vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in: - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser -------------------------------------------------- sanitize-html needs your attention. [ moderate ] Improper Input Validation vulnerable versions <2.3.1 found in: - dependencies: @mojaloop/central-services-shared>shins>sanitize-html [ moderate ] Improper Input Validation vulnerable versions <2.3.2 found in: - dependencies: @mojaloop/central-services-shared>shins>sanitize-html ``` > Outcome: Ignored for a week > Impact: Minimal as this is used to render documentation end-point
…into chore/#864-Change-Instanbul-to-Nyc-for-coverage-on-all-projects
mdebarros
requested review from
elnyry-sam-k,
lewisdaly,
oderayi,
shashi165 and
vgenev
as code owners
elnyry-sam-k
approved these changes
Aug 20, 2021
37 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.