Bump vscode extension module #16795
Bump vscode extension module #16795
Conversation
|
FYI the CI failure looks like a bit of flakiness. |
kimadeline
left a comment
kimadeline
left a comment
There was a problem hiding this comment.
The security problems should be addressed by #16658.
|
@kimadeline Do we want to bump the lock file version? |
|
@karthiknadig The documentation says the following about
Even though we are using npm 6, this should be fine. npm 7 GAed in February 2021 (blog post), it would be nice to eventually upgrade as well 🙂 |
|
Please hold off merging this as some additional APIs are are needed from the vscode side and this has a bug of creating duplicate log channels. |
| "vscode-debugadapter": "^1.28.0", | ||
| "vscode-debugprotocol": "^1.28.0", | ||
| "vscode-extension-telemetry": "0.1.4", | ||
| "vscode-extension-telemetry": "0.2.2", |
There was a problem hiding this comment.
@lramos15 Should it be updated to 0.2.8 now?
There was a problem hiding this comment.
Yes, but I would still hold out as I've had to bump the version a bunch due to some issues with the web component
FWIW, you don't want to do this, because the CI builder is still using npm 6, so when it installs to build and test, it will use a completely different set of dependencies because it can't handle the new lockfile format. (You'll see on install it says "okay, I'll do my best") |
|
FWIW this will be required for #16871, as the current build doesn't have a browser version. |
|
I filed microsoft/vscode-extension-telemetry#67, but the latest version drops a parameter that we use from the |
|
Done in #17010. |
5 participants
This upgrades the
vscode-extension-telemetrymodule to the latest version which includes security fixes, web support, and a new centralized place for telemetry logging.I did notice that there are 14 moderate security problems with npm modules when running
npm installbut didn't want to break anything so left them be.