Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to Formidable 3, Node 14, and audit fix #1192

Merged
merged 1 commit into from
Oct 1, 2022
Merged

Upgrade to Formidable 3, Node 14, and audit fix #1192

merged 1 commit into from
Oct 1, 2022

Conversation

benasher44
Copy link
Contributor

@benasher44 benasher44 commented Aug 3, 2022
edited
Loading

Formidable 2 has a CVE that is flagged as requiring upgrading to Formidable 3. Formidable 3 is ESM only. To easily support this in node-soap without going through the full CommonJS -> ESM migration, we can do a dynamic import to load Formidable 3. This isn't a huge deal in this library, since the one place where Formidable 3 is used is async anyway.

TS didn't support correctly transpiling import calls until somewhat recently, so doing this required upgrading TypeScript. This also drops Node 12 support, which is EOL.

I also ran audit fix to get this library back to 0 audit issues.

benasher44
benasher44 commented Aug 3, 2022
View reviewed changes
tsconfig.json
"module": "commonjs",
"moduleResolution": "nodenext",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needed to have import transpiled to import and not back to require

benasher44
benasher44 commented Aug 3, 2022
View reviewed changes
tsconfig.json
@@ -1,8 +1,9 @@
{
"compileOnSave": true,
"compilerOptions": {
"target": "es3",
"target": "es2020",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with node 12 drop, the target can be bumped to ES2020 (based on https://node.green)

jsdevel
jsdevel requested changes Aug 17, 2022
View reviewed changes
package.json Show resolved Hide resolved
@jsdevel
Copy link
Collaborator

jsdevel commented Aug 21, 2022

@benasher44 please get the build to pass

@benasher44
Copy link
Contributor Author

Lint issue is fixed!

@benasher44
Copy link
Contributor Author

Hi @jsdevel! I wanted to check in to see if it might be possible to merge and release this 🙏. Thanks for your support and consideration!

@jsdevel jsdevel merged commit cded0c3 into vpulim:master Oct 1, 2022
sandrozbinden-axa pushed a commit to axa-health/node-soap that referenced this pull request Oct 6, 2022
@benasher44 @sandrozbinden-axa
Upgrade to Formidable 3, Node 14, and audit fix (vpulim#1192)
4b7a959
@benasher44 benasher44 mentioned this pull request Oct 7, 2022
Closed
@benasher44
Copy link
Contributor Author

Hi @jsdevel. Thanks for merging this! I wanted to see if it might be possible to publish a new release to npm. Including #1200 would be nice as well, but it's okay if it doesn't make it.

@sangeetauke1
Copy link

Hi Team,
We would need to know when the next version will be released from soap with formidable security and other fixes, kindly let us know. This is impacting releases.
Thanks,
Sangeeta

@benasher44
Copy link
Contributor Author

@jsdevel @vpulim I saw you all closed the issues tab. We (Ashby) would be happy to take on ownership of this repo/package. You can reach out to me on LinkedIn or Twitter

@mohd-akram mohd-akram mentioned this pull request Apr 11, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsdevel jsdevel jsdevel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@benasher44 @jsdevel @sangeetauke1