Skip to content

chore: add test ci & dependency update#14

Merged
andibeuge merged 3 commits into
mainfrom
chore/add-test-pipeline
May 13, 2026
Merged

chore: add test ci & dependency update#14
andibeuge merged 3 commits into
mainfrom
chore/add-test-pipeline

Conversation

@andibeuge
Copy link
Copy Markdown
Contributor

@andibeuge andibeuge commented May 7, 2026
edited
Loading

add central ci to run tests and updates dependencies

Andreas Beuge added 2 commits May 7, 2026 15:04
chore: add test ci
e3ffce9
fix: bump serialize-javascript to 7.0.5 via npm overrides
8c59375 
Resolves Dependabot alerts #25 (GHSA-5c6j-r48x-rmvq, high — RCE via
RegExp.flags injection) and #28 (CVE-2026-34043, medium — DoS via CPU
exhaustion). mocha pins serialize-javascript@^6.0.2 so an override is
needed to force resolution to the patched version.
@andibeuge andibeuge changed the title chore: add test ci chore: add test ci & dependency update May 7, 2026
@andibeuge andibeuge requested a review from dogabudak May 7, 2026 13:14
ilin-andrey
ilin-andrey reviewed May 8, 2026
View reviewed changes
Comment thread .github/workflows/ci.yaml Outdated
@dogabudak
Copy link
Copy Markdown
Contributor

dogabudak commented May 11, 2026

@ilin-andrey Actually, what is the advantage of using mocha and not native tests, since node >= 18 already required. I guess it was used due to older versions.

#15

@dogabudak
Copy link
Copy Markdown
Contributor

dogabudak commented May 11, 2026

@andibeuge I removed mocha from this package

@andibeuge
Copy link
Copy Markdown
Contributor Author

andibeuge commented May 13, 2026

@copilot resolve the merge conflicts in this pull request

@andibeuge
chore: merge main, remove mocha, update node to 24 in CI
27ff94b 
Co-authored-by: andibeuge <97287249+andibeuge@users.noreply.github.com>
Copy link
Copy Markdown
Contributor

Copilot AI commented May 13, 2026

@copilot resolve the merge conflicts in this pull request

Merge conflicts resolved in commit 27ff94b. The branch now includes the mocha → native node test runner change from main, removes the no-longer-needed serialize-javascript override, and updates the CI to Node.js 24.

@andibeuge andibeuge merged commit 3b2d977 into main May 13, 2026
3 checks passed
@andibeuge andibeuge deleted the chore/add-test-pipeline branch May 13, 2026 16:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ilin-andrey ilin-andrey ilin-andrey approved these changes

@dogabudak dogabudak Awaiting requested review from dogabudak

+1 more reviewer

Copilot code review Copilot Copilot left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@ilin-andrey ilin-andrey

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@andibeuge @dogabudak @ilin-andrey