Snyk has created this PR to upgrade log4js from 0.6.35 to 0.6.38.
See this package in npm:
https://www.npmjs.com/package/log4js
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade unorm from 1.4.1 to 1.6.0.
See this package in npm:
https://www.npmjs.com/package/unorm
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade formidable from 1.2.1 to 1.2.2.
See this package in npm:
https://www.npmjs.com/package/formidable
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade tinycon from 0.0.1 to 0.6.8.
See this package in npm:
https://www.npmjs.com/package/tinycon
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade etherpad-yajsml from 0.0.2 to 0.0.4.
See this package in npm:
https://www.npmjs.com/package/etherpad-yajsml
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade express-rate-limit from 5.1.1 to 5.2.3.
See this package in npm:
https://www.npmjs.com/package/express-rate-limit
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade npm from 6.14.8 to 6.14.11.
See this package in npm:
https://www.npmjs.com/package/npm
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade semver from 5.6.0 to 5.7.1.
See this package in npm:
https://www.npmjs.com/package/semver
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade measured-core from 1.11.2 to 1.51.1.
See this package in npm:
https://www.npmjs.com/package/measured-core
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade resolve from 1.1.7 to 1.19.0.
See this package in npm:
https://www.npmjs.com/package/resolve
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade underscore from 1.8.3 to 1.12.0.
See this package in npm:
https://www.npmjs.com/package/underscore
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
Also add symlinks from the old `bin/` and `tests/` locations to avoid
breaking scripts and other tools.
Motivations:
* Scripts and tests no longer have to do dubious things like:
require('ep_etherpad-lite/node_modules/foo')
to access packages installed as dependencies in
`src/package.json`.
* Plugins can access the backend test helper library in a non-hacky
way:
require('ep_etherpad-lite/tests/backend/common')
* We can delete the top-level `package.json` without breaking our
ability to lint the files in `bin/` and `tests/`.
Deleting the top-level `package.json` has downsides: It will cause
`npm` to print warnings whenever plugins are installed, npm will
no longer be able to enforce a plugin's peer dependency on
ep_etherpad-lite, and npm will keep deleting the
`node_modules/ep_etherpad-lite` symlink that points to `../src`.
But there are significant upsides to deleting the top-level
`package.json`: It will drastically speed up plugin installation
because `npm` doesn't have to recursively walk the dependencies in
`src/package.json`. Also, deleting the top-level `package.json`
avoids npm's horrible dependency hoisting behavior (where it moves
stuff from `src/node_modules/` to the top-level `node_modules/`
directory). Dependency hoisting causes numerous mysterious
problems such as silent failures in `npm outdated` and `npm
update`. Dependency hoisting also breaks plugins that do:
require('ep_etherpad-lite/node_modules/foo')
There are some problems with nyc:
* The coverage numbers aren't useful in our case because most of the
code is executed outside the test process (the test code is mostly
API client logic).
* nyc messes with line numbers, which makes it much harder to debug
problems.
* We're seeing frequent SIGABRT crashes while nyc is printing the
results table. I'm not sure if nyc is the cause of the crashes, or
if it's making a race condition worse, or if the crashes have
nothing to do with nyc, but we don't lose much by removing it so
we might as well see if the crash frequency improves.
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).
Now a hook function like the following works as expected when invoked
by `aCallAll`:
```
exports.myHookFn = (hookName, context, cb) => {
cb('some value');
return;
};
```
