Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Following the adoption of much more recent ag-grid packages. This permits any recursive dependencies of the old version to be updated. The yarn upgrade also made it necessary to adjust the @vscode/vsce version we request, and as well the one we get through ovsx, so that we end-up using a slightly older version of @vscode/vsce. More recent versions would require some modifications in the way we package and also include a binary under a proprietary license, that's so far not approved for use in this project. Finally, following the yarn upgrade, we pull a new version of a dependency, that fails the license check. We've opened an IP ticket for i, but that has not yet been approved. On the face of it, the dependency in question is probably compatible to the project, so we've added it to be temporarily excluded from the license check. --- Doing the yarn upgrade, we went from 5 to 2 known vulnerabilities, as per "yarn audit": Before: 5 vulnerabilities found - Packages audited: 926 Severity: 5 Moderate After: 2 vulnerabilities found - Packages audited: 981 Severity: 2 Moderate Signed-off-by: Marc Dumais <marc.dumais@ericsson.com>
- Loading branch information