Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to jest v24-26 and babel to version 7 #182

Closed
bidoubiwa opened this issue Dec 10, 2020 · 1 comment · Fixed by #193
Closed

Upgrade to jest v24-26 and babel to version 7 #182

bidoubiwa opened this issue Dec 10, 2020 · 1 comment · Fixed by #193
Labels
good first issue Good for newcomers

Comments

@bidoubiwa
Copy link
Contributor

Because or Jest version is v23 we have vulnerabilities caused by yargs-parser.
We tried to fix it by using the resolutions, this introduced more problems. Also, resolutions are patches and not a solution.

linked issue: jestjs/jest#7424

This vulnerability has been fixed in jest v24>

Jest version 24 uses Babel 7:
https://jestjs.io/blog/2019/01/25/jest-24-refreshing-polished-typescript-friendly#typescript-support

But we use a previous version that is not compatible with jest v24.

To fix this problem properly we should consider upgrading jest to v24 or higher and babel to version 7.
@curquiza curquiza added the good first issue Good for newcomers label Dec 10, 2020
@curquiza
Copy link
Member

curquiza commented Dec 10, 2020
edited
Loading

Also related to #123 I think.
Here is the PR with the resolutions solution which should not be a definitive solution: #181 (will not be merged)

@bidoubiwa bidoubiwa mentioned this issue Jan 6, 2021
Merged
bors bot added a commit that referenced this issue Jan 13, 2021
@bors @bidoubiwa
Merge #193
19058dc 
193: Remove yars parser vulnerability r=bidoubiwa a=bidoubiwa

This PR fixes: #182 and #123 

This has been done by doing the following: 

- Removing all v6.0 dependencies
- Adding all v7.0> dependencies
- Remove `-q` flag that was not compatible with `babel-cli` v7.0 >
- Remove outdated test-coverage that was not used. A newer way of test-coverage compatible with babel v7.0 should be looked for


## Fix failing search

After the update of webpack from 4.* to 5.* some additional parameters are expected for the results we want to have.

**1** in `index.js` we previously used both ES syntax and CommonJs syntax, which resulted in the following error: 
`Uncaught TypeError: "exports" is read-only`

**2** webpack now adds the modules inside the `window` object and because we used a `default` export it was only accessible at `window.docSearchBar.default()`. 
```javascript
// index.js
/* eslint-disable import/no-commonjs */
import docsSearchBar from './src/lib/main';

export default docsSearchBar;
```


 Fortunately webpack has an option to solve this issue: 

> # libraryExport 
> Configure which module or modules will be exposed via the libraryTarget. It is undefined by default, same behaviour will be applied if you set libraryTarget to an empty string e.g. '' it will export the whole (namespace) object. The examples below demonstrate the effect of this configuration when using libraryTarget: 'var'.
>
>The following configurations are supported:
>
> libraryExport: 'default' - The default export of your entry point will be assigned to the library target:
> ```
> // if your entry has a default export of `MyDefaultModule`
> var MyDefaultModule = _entry_return_.default;
>```

Co-authored-by: Charlotte Vermandel <[email protected]>
@bors bors bot closed this as completed in dd9b615 Jan 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove yars parser vulnerability meilisearch/docs-searchbar.js
2 participants
@curquiza @bidoubiwa