chore(deps): upgrade @nestjs to 9.3.9

[bahrmichael]

This PR upgrades the @nestjs libraries which were previously at 8.4.4 to 9.3.9.

[wing328]

@bahrmichael thanks for the PR.

The build failed. Can you pleas take a look when you've time?

[bahrmichael]

@wing328 I added a TS instruction, assuming TS became more strict over time and that the previous build failure is not a problem.

[wing328]

I added a TS instruction, assuming TS became more strict over time and that the previous build failure is not a problem.

can we make it less strict for the time being so that the build passes?

what about updating the build to make the tests pass instead?

[bahrmichael]

I'm not sure why the build fails sometimes, and I don't have permission to rerun it. It succeeds locally when I run it with node@16.19.1. Seeing the renovate changes where it sometimes failed and sometimes succeeds it feels like this is out of my control.

can we make it less strict for the time being so that the build passes?

I couldn't find any information how to do that. TS becoming more strict is just a guess, that might be related to other upgrades. Reverting them is not a good idea just to not have the ts-ignore line.

[OptoCloud]

Why not just cast it to any if you are going to ignore the error either way?

(error.response.data as any).on('data', data => this.logger.log(data.toString('utf8')));

[bahrmichael]

Why not just cast it to any if you are going to ignore the error either way?

(error.response.data as any).on('data', data => this.logger.log(data.toString('utf8')));

Good idea! I added this change :)

[trunneml]

Could someone please approve the workflow. This PR upgrades a dep with a security issue.

[bahrmichael]

@wing328 friendly bump :)

[wing328]

approved the workflow to run. let's see how that goes.

[wing328]

I noticed that the build passed via 5c81540

and the commit after that (6a0140c) broke the build.

is 6a0140c critical? can it be reverted for the time being to see if the build passes again?

[wiesnery]

@wing328 this is the second issue, that I see idle for a while and blocked me. Can we work on the community management, so that more members look over issues more frequently? This project is also used in business contexts but the speed of issue management almost holds me back from promoting it any further in sensitive environments.

[wiesnery]

For the time being: This dependably PR seems to build smoothly: #694

A lot of people are waiting on it.

[wing328]

The best way to make certain issues a higher priority is via sponsorship: https://opencollective.com/openapi_generator

[bahrmichael]

I added a revert, and things work fine locally. I'm going to unsubscribe from this issue and trust that you will resolve the security issue soon.

For anyone who doesn't want to wait for this PR, you can use overrides in the package.json.

  "overrides": {
    "@nestjs/common": "9.3.9",
    "@nestjs/core": "9.3.9",
    "@nestjs/testing": "9.3.9"
  }

[wing328]

now all tests passed as indicated in ae627d1

thanks for the PR.

[wing328]

FYI. Merged #699 in order for the build/release to pass in the master.

[wing328]

@bahrmichael thanks again for the PR 🙏

I triggered a release and when I tried to install the latest openapi-generator-cli with npm install -g @openapitools/openapi-generator-cli, I got the following warnings:

➜  openapi-generator7 git:(master) npm install -g @openapitools/openapi-generator-cli

npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: @nestjs/axios@0.0.8
npm WARN Found: @nestjs/common@9.3.11
npm WARN node_modules/@openapitools/openapi-generator-cli/node_modules/@nestjs/common
npm WARN   @nestjs/common@"9.3.11" from @openapitools/openapi-generator-cli@2.6.0
npm WARN   node_modules/@openapitools/openapi-generator-cli
npm WARN     @openapitools/openapi-generator-cli@"*" from the root project
npm WARN   1 more (@nestjs/core)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer @nestjs/common@"^7.0.0 || ^8.0.0" from @nestjs/axios@0.0.8
npm WARN node_modules/@openapitools/openapi-generator-cli/node_modules/@nestjs/axios
npm WARN   @nestjs/axios@"0.0.8" from @openapitools/openapi-generator-cli@2.6.0
npm WARN   node_modules/@openapitools/openapi-generator-cli
npm WARN 
npm WARN Conflicting peer dependency: @nestjs/common@8.4.7
npm WARN node_modules/@nestjs/common
npm WARN   peer @nestjs/common@"^7.0.0 || ^8.0.0" from @nestjs/axios@0.0.8
npm WARN   node_modules/@openapitools/openapi-generator-cli/node_modules/@nestjs/axios
npm WARN     @nestjs/axios@"0.0.8" from @openapitools/openapi-generator-cli@2.6.0
npm WARN     node_modules/@openapitools/openapi-generator-cli

added 9 packages, removed 2 packages, and changed 102 packages in 43s

23 packages are looking for funding
  run `npm fund` for details

Is that something you can help us with by filing a PR to address these warnings?

[wing328]

@wiesnery if you want to, you can now sponsor https://github.com/sponsors/kay-schecker (the author of openapi-generator-cli) directly to financially support his awesome open-source work.