mirror of
https://github.com/angular/angular-cli.git
synced 2025-05-25 16:57:51 +08:00
56bba34d75
potractor <7 contains a low severity vulnerability due to one of its dependencies (yargs-parser) See: https://npmjs.com/advisories/1500 Fixes #17642
50 lines
1.5 KiB
TypeScript
50 lines
1.5 KiB
TypeScript
/**
|
|
* @license
|
|
* Copyright Google Inc. All Rights Reserved.
|
|
*
|
|
* Use of this source code is governed by an MIT-style license that can be
|
|
* found in the LICENSE file at https://angular.io/license
|
|
*/
|
|
import { Rule } from '@angular-devkit/schematics';
|
|
import {
|
|
addPackageJsonDependency,
|
|
getPackageJsonDependency,
|
|
} from '../../utility/dependencies';
|
|
import { latestVersions } from '../../utility/latest-versions';
|
|
|
|
export default function (): Rule {
|
|
return (host, context) => {
|
|
const dependenciesToUpdate: Record<string, string> = {
|
|
'karma': '~5.0.0',
|
|
'protractor': '~7.0.0',
|
|
'ng-packagr': latestVersions.ngPackagr,
|
|
};
|
|
|
|
for (const [name, version] of Object.entries(dependenciesToUpdate)) {
|
|
const current = getPackageJsonDependency(host, name);
|
|
if (!current || current.version === version) {
|
|
continue;
|
|
}
|
|
|
|
addPackageJsonDependency(host, {
|
|
type: current.type,
|
|
name,
|
|
version,
|
|
overwrite: true,
|
|
});
|
|
}
|
|
|
|
// Check for @angular-devkit/schematics and @angular-devkit/core
|
|
for (const name of ['@angular-devkit/schematics', '@angular-devkit/core']) {
|
|
const current = getPackageJsonDependency(host, name);
|
|
if (current) {
|
|
context.logger.info(
|
|
`Package "${name}" found in the workspace package.json. ` +
|
|
'This package typically does not need to be installed manually. ' +
|
|
'If it is not being used by project code, it can be removed from the package.json.',
|
|
);
|
|
}
|
|
}
|
|
};
|
|
}
|