Update NodeJS / UI5 dependencies for javascript/frameworks/ui5*/test/**#409
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates NodeJS/UI5-related dependencies used by the UI5 and UI5 Web Components CodeQL test projects under javascript/frameworks/{ui5,ui5-webcomponents}/test/**, aiming to keep these test fixtures aligned with upstream package updates.
Changes:
- Bumped
@ui5/cli(and resulting lockfile resolutions) for the UI5 XSS eventbus test project. - Bumped
@sapui5/sap.ui.vkfor the UI5 log injection test project (plus lockfile update). - Updated UI5 Web Components + React/TypeScript-related dependencies for the webcomponents XSS fixture (plus lockfile update).
Show a summary per file
| File | Description |
|---|---|
| javascript/frameworks/ui5/test/queries/UI5Xss/xss-eventbus-with-data/package.json | Bumps @ui5/cli version used by this UI5 XSS test fixture. |
| javascript/frameworks/ui5/test/queries/UI5Xss/xss-eventbus-with-data/package-lock.json | Updates the resolved dependency graph after the @ui5/cli bump. |
| javascript/frameworks/ui5/test/queries/UI5Xss/xss-book-example/package.json | Updates UI5 tooling/dev dependencies for the UI5 “book example” fixture. |
| javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package.json | Bumps @sapui5/sap.ui.vk for the UI5 log injection fixture. |
| javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package-lock.json | Updates the resolved package for the @sapui5/sap.ui.vk bump. |
| javascript/frameworks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/package.json | Updates UI5 webcomponents + React/TS-related dependencies for the webcomponents XSS fixture. |
| javascript/frameworks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/package-lock.json | Updates the resolved dependency graph for the webcomponents fixture changes. |
Review details
Files not reviewed (3)
- javascript/frameworks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/package-lock.json: Generated file
- javascript/frameworks/ui5/test/queries/UI5LogInjection/log-entry-flows-to-notifications/package-lock.json: Generated file
- javascript/frameworks/ui5/test/queries/UI5Xss/xss-eventbus-with-data/package-lock.json: Generated file
- Files reviewed: 4/8 changed files
- Comments generated: 2
- Review effort level: Low
| "react-dom": "^19.2.7", | ||
| "react-scripts": "5.0.1", | ||
| "typescript": "^4.9.5" | ||
| "typescript": "^7.0.2" |
| "@ui5/webcomponents-react": "^2.15.3", | ||
| "react": "^18.3.1", | ||
| "react-dom": "^18.3.1", | ||
| "@types/jest": "^30.0.0", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
UI5 companion PR for #408.
What This PR Contributes
This pull request updates NodeJS and UI5 dependencies across
javascript/frameworks/{ui5,ui5-webcomponents}/test/**projects . The main focus is on keeping the codebase up-to-date with the latest features, bug fixes, and security patches from the upstream packages.Dependency Updates:
UI5 Web Components and React:
@ui5/webcomponents,@ui5/webcomponents-base,@ui5/webcomponents-fiori,@ui5/webcomponents-icons, and@ui5/webcomponents-reactdependencies to version^2.24.xinxss-input-dangerouslySetInnerHTML/package.json. Also updated React and TypeScript to their latest major versions.SAP UI5 VK:
@sapui5/sap.ui.vkfrom^1.140.0to^1.150.0in bothlog-entry-flows-to-notifications/package.jsonand its lockfile. [1] [2]UI5 CLI and Tooling:
@ui5/clito^4.0.57in bothxss-book-example/package.jsonandxss-eventbus-with-data/package.json. [1] [2]xss-book-example/package.json.Future Works