Skip to content

Updated axios, playwright versions to resolve dependencies #6018

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Updated axios, playwright versions to resolve dependencies #6018

wants to merge 1 commit into from
+18 −34

Conversation

@angelcaz-msft
Copy link
Member

@angelcaz-msft angelcaz-msft commented Nov 28, 2025

What

Updated axios to ^1.12.2 and playwright (including playwright-core) to ^1.55.1 across the entire repository by adding globalOverrides in common/config/rush/pnpm-config.json.

Why

To address security vulnerabilities found in older versions of axios (< 1.12.2) and playwright (1.55.0). These dependencies were being pulled in transitively by other packages, so globalOverrides was used to enforce the secure versions repository-wide.

image

How Tested

  • Ran rush update --full and rush update --full --variant stable to regenerate lockfiles.
  • Verified common/config/rush/pnpm-lock.yaml to ensure axios and playwright versions are updated and overrides are applied.
  • Validated that the build passes locally.

Process & policy checklist

  • I have updated the project documentation to reflect my changes if necessary.
  • I have read the CONTRIBUTING documentation.

Is this a breaking change?

  • This change causes current functionality to break.

@angelcaz-msft angelcaz-msft requested review from a team as code owners November 28, 2025 21:41
@angelcaz-msft angelcaz-msft added the does not need changelog Changes that does not affect the published package in any way do not need changelog entry label Nov 28, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

📦 Calling bundle size

Bundle Base Size (bytes) Current Size (bytes) Change Delta (bytes)
build.bundle.js 6767681 6767742 ⚠️ increased 61
580.bundle.js 12407925 12407925 ➖ unchanged 0

Total change: +61 B ⚠️

@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

📦 Chat bundle size

Bundle Base Size (bytes) Current Size (bytes) Change Delta (bytes)
build.bundle.js 1793916 1793883 ⬇️ decreased -33
398.bundle.js 375829 375829 ➖ unchanged 0
450.bundle.js 4454 4454 ➖ unchanged 0
82.bundle.js 28161 28161 ➖ unchanged 0
91.bundle.js 4102 4102 ➖ unchanged 0

Total change: -33 B ⬇️

@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

📦 CallWithChat bundle size

Bundle Base Size (bytes) Current Size (bytes) Change Delta (bytes)
build.bundle.js 7758336 7758397 ⚠️ increased 61
450.bundle.js 4470 4470 ➖ unchanged 0
580.bundle.js 12407938 12407938 ➖ unchanged 0
727.bundle.js 372564 372564 ➖ unchanged 0
82.bundle.js 28177 28177 ➖ unchanged 0
91.bundle.js 4118 4118 ➖ unchanged 0

Total change: +61 B ⚠️

@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

@azure/communication-react jest test coverage for stable.

Lines Statements Functions Branches
Base 29739 / 47381
62.76%		 29739 / 47381
62.76%		 810 / 1491
54.32%		 2394 / 3842
62.31%
Current 29740 / 47383
62.76%		 29740 / 47383
62.76%		 810 / 1491
54.32%		 2394 / 3842
62.31%
Diff 1 / 2
0%		 1 / 2
0%		 0 / 0
0%		 0 / 0
0%

@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

@azure/communication-react jest test coverage for beta.

Lines Statements Functions Branches
Base 58580 / 95109
61.59%		 58580 / 95109
61.59%		 1180 / 2709
43.55%		 3417 / 5799
58.92%
Current 58644 / 95117
61.65%		 58644 / 95117
61.65%		 1180 / 2709
43.55%		 3406 / 5799
58.73%
Diff 64 / 8
0.06%		 64 / 8
0.06%		 0 / 0
0%		 -11 / 0
-0.19%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JamesBurnside JamesBurnside Awaiting requested review from JamesBurnside JamesBurnside is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-1

@dmceachernmsft dmceachernmsft Awaiting requested review from dmceachernmsft dmceachernmsft is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-1

@carocao-msft carocao-msft Awaiting requested review from carocao-msft carocao-msft is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-1

@edwardlee-msft edwardlee-msft Awaiting requested review from edwardlee-msft edwardlee-msft is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-1

@mgamis-msft mgamis-msft Awaiting requested review from mgamis-msft mgamis-msft is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-2

@prabhjot-msft prabhjot-msft Awaiting requested review from prabhjot-msft prabhjot-msft is a code owner automatically assigned from Azure/acs-ui-web-calling-reviewer-2

@AliRafiee AliRafiee Awaiting requested review from AliRafiee AliRafiee is a code owner automatically assigned from Azure/acs-ui-web-chat-reviewer-1

@juancamilor juancamilor Awaiting requested review from juancamilor juancamilor is a code owner automatically assigned from Azure/acs-ui-web-chat-reviewer-1

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

does not need changelog Changes that does not affect the published package in any way do not need changelog entry

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@angelcaz-msft