Dev #134
Dev #134
Conversation
update vite to 5.4.19
vite updates
Turalio-code-update
Bumps the npm_and_yarn group with 3 updates in the /backend directory: [axios](https://github.com/axios/axios), [path-to-regexp](https://github.com/pillarjs/path-to-regexp) and [express](https://github.com/expressjs/express). Bumps the npm_and_yarn group with 7 updates in the /frontend directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.7.8` | `1.9.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.10` | `5.4.19` | | [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.25.7` | `7.27.6` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.7` | `7.27.6` | | [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `0.25.5` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `4.3.3` | `4.5.2` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `6.3.5` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.7` | `2.0.9` | Updates `axios` from 1.7.7 to 1.9.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.7...v1.9.0) Updates `path-to-regexp` from 0.1.10 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.10...v0.1.12) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `axios` from 1.7.8 to 1.9.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.7...v1.9.0) Updates `vite` from 5.4.10 to 5.4.19 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.19/packages/vite) Updates `@babel/helpers` from 7.25.7 to 7.27.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-helpers) Updates `@babel/runtime` from 7.25.7 to 7.27.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-runtime) Updates `esbuild` from 0.21.5 to 0.25.5 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md) - [Commits](evanw/esbuild@v0.21.5...v0.25.5) Updates `@vitejs/plugin-react` from 4.3.3 to 4.5.2 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@4.5.2/packages/plugin-react) Updates `vite` from 5.4.19 to 6.3.5 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.19/packages/vite) Updates `http-proxy-middleware` from 2.0.7 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.7...v2.0.9) --- updated-dependencies: - dependency-name: axios dependency-version: 1.9.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.21.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 1.9.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.19 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-version: 7.27.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: esbuild dependency-version: 0.25.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@vitejs/plugin-react" dependency-version: 4.5.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 6.3.5 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…m_and_yarn-c09eb8c198 Bump the npm_and_yarn group across 2 directories with 9 updates
auth to case number migration
Ndc-rxnorm-mapping
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| defaults: | ||
| run: | ||
| working-directory: frontend | ||
| name: Check tsc, lint, and prettier on front end | ||
| name: Check tsc, lint, and prettier on front end | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v1 | ||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '21.x' | ||
| - run: npm install | ||
| - run: npm run lint | ||
| - run: npm run prettier | ||
| env: | ||
| CI: true | ||
| lint_backend: | ||
| defaults: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| clean: true | ||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: "21.x" | ||
| - run: npm install | ||
| - run: npm run lint | ||
| - run: npm run prettier | ||
| env: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the minimal permissions required for the workflow to function. Since the workflow primarily involves linting, testing, and installing dependencies, it only needs contents: read permissions. This ensures that the GITHUB_TOKEN has the least privilege necessary to perform these tasks.
The permissions block will be added immediately after the name and on keys in the workflow file.
| @@ -3,2 +3,4 @@ | ||
| on: [push, pull_request] | ||
| permissions: | ||
| contents: read | ||
|
|
| CI: true | ||
| lint_backend: | ||
| defaults: | ||
| run: | ||
| working-directory: backend | ||
| name: Check tsc, lint, and prettier on back end | ||
| working-directory: backend | ||
| name: Check tsc, lint, and prettier on back end | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v1 | ||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: '21.x' | ||
| - run: npm install | ||
| - run: npm run lint | ||
| - run: npm run prettier | ||
| env: | ||
| CI: true | ||
| - uses: actions/checkout@v1 | ||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: "21.x" | ||
| - run: npm install | ||
| - run: npm run lint | ||
| - run: npm run prettier | ||
| env: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To fix the issue, we need to add a permissions block to the workflow file. This block should specify the minimal permissions required for the workflow to function correctly. Since the workflow only performs linting, testing, and formatting tasks, it does not require write access to the repository. Therefore, the permissions block should set contents: read at the root level of the workflow to apply to all jobs. This ensures that the GITHUB_TOKEN has only read access to the repository contents.
| @@ -3,2 +3,4 @@ | ||
| on: [push, pull_request] | ||
| permissions: | ||
| contents: read | ||
|
|
| CI: true | ||
| test_frontend: | ||
| defaults: | ||
| defaults: | ||
| run: | ||
| working-directory: frontend | ||
| name: Test on node ${{ matrix.node-version }} and ${{ matrix.os }} on backend | ||
| runs-on: ${{ matrix.os }} | ||
| strategy: | ||
| matrix: | ||
| os: [ubuntu-latest, windows-latest, macos-latest] | ||
| node-version: [21] | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v1 | ||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| - run: npm install | ||
| - run: npm test | ||
| env: | ||
| CI: true | ||
| - uses: actions/checkout@v1 | ||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| - run: npm install | ||
| - run: npm test | ||
| env: | ||
| CI: true | ||
|
|
||
| test_backend: | ||
| defaults: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the minimal permissions required for the workflow. Since the workflow primarily performs linting and testing tasks, it does not require write permissions. We will set contents: read as the permission, which is sufficient for accessing the repository's contents.
The permissions block will be added immediately after the name field at the top of the file. This ensures that the permissions apply to all jobs in the workflow unless overridden by a job-specific permissions block.
| @@ -1,2 +1,4 @@ | ||
| name: Lint and Test | ||
| permissions: | ||
| contents: read | ||
|
|
.github/workflows/ci-workflow.yml
Outdated
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To fix the issue, we will add a permissions block to the root of the workflow file. This block will define the minimal permissions required for the workflow to function. Since the workflow primarily involves linting, testing, and installing dependencies, it only needs read access to the repository contents. We will set contents: read as the permission for the entire workflow.
| @@ -4,2 +4,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: |
Describe your changes
Please include a summary of the changes and the related issue/task. Please also include relevant motivation and context. List any dependencies that are required for this change, including links to other pull requests/branches in other repositories if applicable.
Issue ticket number and Jira link
Please include the Jira Ticket Number and Link for this issue/task.
Checklist before requesting a review
devnot main (the only exception to this is releases fromdevand hotfix branches)Checklist for conducting a review
Workflow
Owner of the Pull Request will be responsible for merge after all requirements are met, including approval from at least one reviewer. Additional changes made after a review will dismiss any approvals and require re-review of the additional updates. Auto merging can be enabled below if additional changes are likely not to be needed. The bot will auto assign reviewers to your Pull Request for you.