Closed Bug 1605235 Opened 2 months ago Closed 2 months ago

update npm 6.13.4 to close package.json binary planting bug

Categories

(Firefox :: Messaging System, defect, P1)

defect

Tracking

()

RESOLVED FIXED
Firefox 73
Tracking Status
firefox73 --- fixed

People

(Reporter: dmose, Assigned: dmose)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

We should fix the various ways in which we use npm so that we're requiring 6.13.4 whereever possible (see https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli for details).

In particular, we'd like developers using npm locally to be using 6.13.4 whenever possible.

For this, I'm intending to update browser/components/newtab/{package.json,.nvmrc}.

Ideally we'd be doing the right thing for taskcluster mochitest & unit test runs as well, but I suspect that's not really a big deal, since presumably, while they could potentially corrupt the VMs they're running in, presumably those VMs don't have the privs to do anything interesting (like, say, commit code). dveditz, does that sound right?

Pushed by dmosedale@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2fa2cb1fe36b
Update node/npm to 8.17.0/6.13.4, r=Mardak
Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 73
You need to log in before you can comment on or make changes to this bug.