Skip to content

deps(scaladoc): update flexmark from 0.42.12 to 0.62.2 #17347

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 2, 2023
Merged

deps(scaladoc): update flexmark from 0.42.12 to 0.62.2 #17347

merged 4 commits into from
May 2, 2023

Conversation

Dedelweiss
Copy link
Contributor

@Dedelweiss Dedelweiss commented Apr 25, 2023
edited
Loading

This pr updates the flexmark dependencies used in Scaladoc from 0.42.12, which is from 2019, up to the latest release of 0.64.0 to 0.62.2. This is mainly done to tackle a bunch of CVEs that are attached to the old versions of
flexmark.

fixes #16223

@Dedelweiss Dedelweiss force-pushed the support-scaladoc-correction branch 12 times, most recently from db46ecf to f53251c Compare May 1, 2023 08:04
@Dedelweiss Dedelweiss changed the title WIP: Support scaladoc correction WIP: deps(scaladoc): update flexmark from 0.42.12 to 0.62.2 May 1, 2023
@Dedelweiss Dedelweiss force-pushed the support-scaladoc-correction branch 5 times, most recently from d5063f5 to 0b0bb05 Compare May 1, 2023 10:54
@ckipp01 ckipp01 mentioned this pull request May 1, 2023
Closed
ckipp01
ckipp01 reviewed May 1, 2023
View reviewed changes
Copy link
Member

@ckipp01 ckipp01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Btw you have some unrelated changes in here. Make sure to rebase on the latest main and that might fix them.

@Dedelweiss Dedelweiss force-pushed the support-scaladoc-correction branch 5 times, most recently from 10fd95a to 80c2fcc Compare May 1, 2023 14:27
ckipp01 added 3 commits May 1, 2023 16:27
@ckipp01 @Dedelweiss
deps(scaladoc): update flexmark from 0.42.12 to 0.64.0
3ce3ee5 
This pr updates the flexmark dependencies used in Scaladoc from 0.42.12,
which is from 2019, up to the latest release of 0.64.0. This is mainly
done to tackle a bunch of CVEs that are attatched to the old versions of
flexmark.
@ckipp01 @Dedelweiss
chore: clean up imports in scaladoc
a6f9e3d
@ckipp01 @Dedelweiss
fix: downgrade flexmark to 0.62.2
6fb7b62 
0.64.0 requires Java 11, so we can't move that high
@Dedelweiss Dedelweiss force-pushed the support-scaladoc-correction branch 2 times, most recently from d2b3d03 to 4795e77 Compare May 1, 2023 14:30
@Dedelweiss Dedelweiss changed the title WIP: deps(scaladoc): update flexmark from 0.42.12 to 0.62.2 deps(scaladoc): update flexmark from 0.42.12 to 0.62.2 May 2, 2023
@Dedelweiss Dedelweiss marked this pull request as ready for review May 2, 2023 07:20
ckipp01
ckipp01 requested changes May 2, 2023
View reviewed changes
Copy link
Member

@ckipp01 ckipp01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job on this @Dedelweiss! Just a single nit about a comment that we can remove. Other than that this should be good to go!

@Dedelweiss
Correction for the test error
0411f87 
- Add some flexmark research for find_lib
- Improve the way to add new research for find_lib
@Dedelweiss Dedelweiss force-pushed the support-scaladoc-correction branch from 4795e77 to 0411f87 Compare May 2, 2023 07:23
ckipp01
ckipp01 approved these changes May 2, 2023
View reviewed changes
Copy link
Member

@ckipp01 ckipp01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work getting this across the finish line @Dedelweiss. LGTM!

@ckipp01 ckipp01 merged commit 4d53eab into scala:main May 2, 2023
@Kordyjan Kordyjan added this to the 3.3.1 milestone Aug 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ckipp01 ckipp01 ckipp01 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.3.1
Development

Successfully merging this pull request may close these issues.

Update flexmark to a modern version and try to avoid CVEs.
3 participants
@Dedelweiss @ckipp01 @Kordyjan