Created by: ackintosh
PR checklist
-
Read the contribution guidelines. -
Ran the shell script under ./bin/to update Petstore sample so that CIs can verify the change. (For instance, only need to run./bin/{LANG}-petstore.sh,./bin/openapi3/{LANG}-petstore.shif updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in.\bin\windows\. If contributing template-only or documentation-only changes which will change sample output, be sure to build the project first. -
Filed the PR against the correct branch: master,4.1.x,5.0.x. Default:master. -
Copied the technical committee to review the pull request if your PR is targeting a particular programming language.
Description of the PR
Updated the babel-cli version to fix the alert below.
Regular Expression Denial of Service https://www.npmjs.com/advisories/786
$ cd samples/client/petstore/javascript-flowtyped
$ npm audit
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ braces │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=2.3.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ babel-cli [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ babel-cli > chokidar > anymatch > micromatch > braces │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/786 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 6034 scanned packages
1 vulnerability requires manual review. See the full report for details.Used npx cli tool to know how we should update the package.json and .babelrc.
$ cd samples/client/petstore/javascript-flowtyped
$ npx babel-upgrade --write
🙌 Thanks for trying out https://github.com/babel/babel-upgrade !
Updating closest package.json dependencies
Index: /Users/akihito1/src/github.com/ackintosh/openapi-generator-1/samples/client/petstore/javascript-flowtyped/package.json
===================================================================
--- /Users/akihito1/src/github.com/ackintosh/openapi-generator-1/samples/client/petstore/javascript-flowtyped/package.json Before Upgrade
+++ /Users/akihito1/src/github.com/ackintosh/openapi-generator-1/samples/client/petstore/javascript-flowtyped/package.json After Upgrade
@@ -21,12 +21,13 @@
"dependencies": {
"portable-fetch": "^3.0.0"
},
"devDependencies": {
- "babel-cli": "^6.26.0",
- "babel-core": "^6.26.3",
- "babel-plugin-transform-flow-strip-types": "^6.22.0",
+ "@babel/cli": "^7.0.0",
+ "@babel/core": "^7.0.0",
+ "@babel/plugin-transform-flow-strip-types": "^7.0.0",
"babel-preset-react-app": "^3.1.1",
"flow-copy-source": "^1.3.0",
- "rimraf": "^2.6.2"
+ "rimraf": "^2.6.2",
+ "@babel/preset-flow": "^7.0.0"
}
}
\ No newline at end of file
Updating .babelrc config at .babelrc
Index: .babelrc
===================================================================
--- .babelrc Before Upgrade
+++ .babelrc After Upgrade
@@ -1,8 +1,9 @@
{
"presets": [
- "react-app"
+ "react-app",
+ "@babel/preset-flow"
],
"plugins": [
- "transform-flow-strip-types"
+ "@babel/plugin-transform-flow-strip-types"
]
}
\ No newline at end of file