Skip to content

Add uphold-scripts to allow removal of critical vulnerabilities #100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rplopes merged 1 commit into from
Nov 11, 2019
Merged

Add uphold-scripts to allow removal of critical vulnerabilities #100

rplopes merged 1 commit into from
Nov 11, 2019

Conversation

@cristianooliveira
Copy link
Contributor

@cristianooliveira cristianooliveira commented Nov 7, 2019

Description

Add uphold-scripts which will allow to remove critical vulnerabilities and makes the code easier to maintain.

@cristianooliveira cristianooliveira added the enhancement New feature or request label Nov 7, 2019
@cristianooliveira cristianooliveira self-assigned this Nov 7, 2019
@cristianooliveira cristianooliveira force-pushed the support/add-uphold-scripts-to-remove-some-vulnerabilities branch from 8ec3d3c to 23c9296 Compare November 7, 2019 16:44
rplopes
rplopes suggested changes Nov 7, 2019
View reviewed changes
README.md Outdated

```sh
npm version [<new version> | major | minor | patch] -m "Release %s"
yarn version
Copy link

@rplopes rplopes Nov 7, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
❯ yarn version
❯ yarn version [<new version> | major | minor | patch]

@cristianooliveira cristianooliveira force-pushed the support/add-uphold-scripts-to-remove-some-vulnerabilities branch from 23c9296 to 397d1a0 Compare November 8, 2019 12:00
@rplopes
Copy link

rplopes commented Nov 8, 2019

Travis build failing because the latest eslint requires node version >= 8. We need to change the versions under test in CI to match this. Maybe the LTS ones (8, 10, 12)?

waldyrious
waldyrious reviewed Nov 8, 2019
View reviewed changes
README.md Outdated

```sh
npm version [<new version> | major | minor | patch] -m "Release %s"
yarn version [<new version> | major | minor | patch]
Copy link

@waldyrious waldyrious Nov 8, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be yarn release instead of yarn version?

Also, I think this would be clearer / more explicit:

❯ yarn release ["major" | "minor" | "patch" | <custom version number>] # default: patch

Copy link

@rplopes rplopes Nov 8, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right, it's release, not version, didn't even notice that.

About the rest of the text, I don't have a strong opinion, I was just recommending the generic text we're using on other projects.

Copy link

@waldyrious waldyrious Nov 8, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know. 🙂 I just wanted to take the opportunity to start migrating towards a clearer phrasing (the usual one was confusing to me the first time I saw it).

Copy link
Contributor Author

@cristianooliveira cristianooliveira Nov 11, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, are we aiming for this one as standard?

❯ yarn release ["major" | "minor" | "patch" | <custom version number>] # default: patch

Copy link

@rplopes rplopes Nov 11, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd at least remove the quotes there, since they might suggest the command is to be run with them.

Copy link

@waldyrious waldyrious Nov 11, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using quotes has no disadvantage IIUC (the command works as expected), and explicitly indicates that these are specific values to be inputted as-is. So I see no downsides and a slight upside to keeping the quotes.

That said, it's not a strong preference, so if it bothers you a lot, we can remove them.

@cristianooliveira cristianooliveira force-pushed the support/add-uphold-scripts-to-remove-some-vulnerabilities branch from 397d1a0 to 051d3b7 Compare November 8, 2019 15:29
@cristianooliveira
Copy link
Contributor Author

cristianooliveira commented Nov 8, 2019
edited
Loading

Travis build failing because the latest eslint requires node version >= 8. We need to change the versions under test in CI to match this. Maybe the LTS ones (8, 10, 12)?

Makes sense, will update to those ones @rplopes.

@cristianooliveira cristianooliveira force-pushed the support/add-uphold-scripts-to-remove-some-vulnerabilities branch from 051d3b7 to 92d8df3 Compare November 11, 2019 10:18
rplopes
rplopes approved these changes Nov 11, 2019
View reviewed changes
Copy link

@rplopes rplopes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rplopes rplopes merged commit 038f75d into master Nov 11, 2019
@rplopes rplopes deleted the support/add-uphold-scripts-to-remove-some-vulnerabilities branch November 11, 2019 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@waldyrious waldyrious waldyrious left review comments

@rplopes rplopes rplopes approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@cristianooliveira cristianooliveira

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cristianooliveira @rplopes @waldyrious