Skip to content

Commit

Permalink
[DEPENDENCY] Pin estraverse to v5.1.0
Browse files Browse the repository at this point in the history
Since the "self-protection" mechanism of our JSModuleAnalyzer [1] is
highly dependent on the set of possible node types provided by
estraverse, we often saw problems in consuming projects after new
releases of estraverse. With [email protected] this is yet again the
case.

This change forces consumers to use a version of estraverse that is
supported by JSModuleAnalyzer (currently 5.1.0). Version updates will
only happen through pull requests created by dependabot.

[1]: https://github.com/SAP/ui5-builder/issues/309#issuecomment-521108883
  • Loading branch information
RandomByte committed Aug 9, 2020
1 parent e7d4431 commit e5bc455
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@
"escodegen": "^1.14.3",
"escope": "^3.6.0",
"esprima": "^4.0.1",
"estraverse": "^5.1.0",
"estraverse": "5.1.0",
"globby": "^11.0.1",
"graceful-fs": "^4.2.4",
"jsdoc": "^3.6.5",
Expand Down

0 comments on commit e5bc455

Please sign in to comment.