Skip to content

Commit f5dc6a8

Browse files
Comp0teclaude
andauthored
build(deps): security dependency bumps (axios, qs, fast-uri, react-router, webpack-dev-server) (#1336)
* build(deps): apply security bumps from dependabot PRs - axios 1.15.2 -> 1.17.0 (config hardening against prototype-pollution driven SSRF; transitive of casper-js-sdk and apisauce) - react-router/react-router-dom 6.30.3 -> 6.30.4 - fast-uri 3.1.0 -> 3.1.2 (GHSA-q3j6-qgpj-74h6, GHSA-v39h-62p7-jpjc) - qs pinned to ^6.15.2 via overrides, covering the security payload of the grouped qs/express/body-parser/web-ext bump without taking the web-ext 8 -> 10 major (requires Node >= 20) - webpack-dev-server 5.2.3 -> 5.2.4 - @babel/plugin-transform-modules-systemjs 7.29.0 -> 7.29.7 - @protobufjs/utf8 1.1.0 -> 1.1.1 The lockfile is regenerated locally so npm ci stays in sync; the dependabot-generated lockfiles dropped the casper-wallet-core git dependency transitives (node-fetch et al.) and broke npm ci, which is why the e2e jobs failed on every dependabot PR. Deferred (require Node >= 20 while the project is on Node 18): serialize-javascript 7.0.5 and web-ext 10. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * test(e2e): match 'More' button exactly in staking specs The token-details market data banner renders a "Learn more" link (cspr.trade) when market data loads, and the substring selector getByText('More') then resolves to two elements, failing the staking specs with a strict mode violation. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> --------- Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
1 parent 710fc7b commit f5dc6a8

5 files changed

Lines changed: 221 additions & 136 deletions

File tree

e2e-tests/popup/stakes/delegate.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ popup.describe('Popup UI: Delegation', () => {
1111
route.fulfill(RPC_RESPONSE.success)
1212
);
1313

14-
await popupPage.getByText('More').click();
14+
await popupPage.getByText('More', { exact: true }).click();
1515

1616
await popupPage.getByText('Delegate', { exact: true }).click();
1717

e2e-tests/popup/stakes/redelagation.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ popup.describe('Popup UI: Redelegation', () => {
1616
route.fulfill(RPC_RESPONSE.success)
1717
);
1818

19-
await popupPage.getByText('More').click();
19+
await popupPage.getByText('More', { exact: true }).click();
2020

2121
await popupPage.getByText('Redelegate', { exact: true }).click();
2222

e2e-tests/popup/stakes/undelegate.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ popup.describe('Popup UI: Undelegation', () => {
1111
route.fulfill(RPC_RESPONSE.success)
1212
);
1313

14-
await popupPage.getByText('More').click();
14+
await popupPage.getByText('More', { exact: true }).click();
1515

1616
await popupPage.getByText('Undelegate', { exact: true }).click();
1717

0 commit comments

Comments
 (0)