fix: update dependencies to address security issue in @babel/runtime < 7.26.10 #372
Conversation
|
What is remaining for this ? |
|
This project looks pretty dead, unfortunately. The last commit was 2 years ago. 😒 |
It's very hard to maintain a project that big when most of the core maintainers move on or can't find time to maintain it (and then it's down to a single person for a long time). I'm in a slightly better place now (although I still have loads on my plate that will make finding time and energy for OSS stuff a challenge), but hopefully the people who came forward and expressed interest in helping will get this project back on track. |
Berkmann18
left a comment
Berkmann18
left a comment
There was a problem hiding this comment.
The code changes look good, hovewer the commit doesn't follow the Angular commit convention so the commit message and PR title would need to be updated.
|
@marcelpanse Do you mind updating the PR title and commit message to something like: "fix: update dependencies to address security issue in @babel/runtime < 7.26.10" |
marcelpanse
changed the title
|
Looks like we need to update the min node version from 16 to 18, is that doable? |
|
I dont have the permissions, but the solution here is to update the engine.node version to 22 (current lts) and the nvmrc file also to 22.14.0 |
|
I went and made a duplicate PR #375, i tried to address all the primary issues i was seeing when running the library |
|
ok following this - i was tryign to figure out why there were 2 pr's that looked the same. @jdalrymple if you are still around i'll work with you on the other pr and close this one. We could really use some help on this project if you have bandwidth and interest! |
|
@all-contributors please add @marcelpanse for security |
|
I've put up a pull request to add @marcelpanse! 🎉 |
4 participants
Package: @babel/runtime
Affected versions: < 7.26.10
Patched version: 7.26.10
Any chance we can get this merged & published on NPM?