chore: bump @conduction/nextcloud-vue to ^0.1.0-beta.17#1423
chore: bump @conduction/nextcloud-vue to ^0.1.0-beta.17#1423WilcoLouwerse merged 3 commits intodevelopmentfrom
Conversation
Aligns this app's @conduction/nextcloud-vue dependency with the fleet-leading version (mydash). Per the 2026-05-03 OR-abstraction audit, stream 3 (repo hygiene): apps drifted across 6 versions from beta.1 to beta.17. Audit reference: .claude/audit-2026-05-03/03-repo-hygiene.md
Quality Report — ConductionNL/openregister @
|
| Check | PHP | Vue | Security | License | Tests |
|---|---|---|---|---|---|
| lint | ✅ | ||||
| phpcs | ✅ | ||||
| phpmd | ✅ | ||||
| psalm | ✅ | ||||
| phpstan | ✅ | ||||
| phpmetrics | ✅ | ||||
| eslint | ❌ | ||||
| stylelint | ❌ | ||||
| composer | ✅ | ✅ 147/147 | |||
| npm | ❌ | ❌ | |||
| PHPUnit | ⏭️ | ||||
| Newman | ⏭️ | ||||
| Playwright | ⏭️ |
Quality workflow — 2026-05-03 17:49 UTC
Download the full PDF report from the workflow artifacts.
…eta.17 npm resolved the caret range to the latest available pre-release (beta.18), unblocking npm ci / audit / license / eslint quality checks.
WilcoLouwerse
left a comment
WilcoLouwerse
left a comment
There was a problem hiding this comment.
2 blockers: the lockfile actually installs beta.18 while package.json says beta.17 and the title advertises beta.17, and zero CI checks ran on this SHA for a production app. Two concerns: caret on a beta pre-release allows unbounded future drift and there's no changelog reference for what changed between beta.16 and beta.18. Pin to an exact version, get CI green, then revisit.
Drops the caret prefix and resyncs package-lock.json so npm ci installs exactly 0.1.0-beta.17. Previous state: package.json said `^0.1.0-beta.17` but the lockfile had resolved to 0.1.0-beta.18 — a mismatch with the PR title/description and a silent drift risk on every fresh `npm install`. Addresses review feedback on PR #1423: pin pre-release deps exactly so beta-to-beta jumps require an intentional human bump rather than caret drift. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
WilcoLouwerse
left a comment
WilcoLouwerse
left a comment
There was a problem hiding this comment.
Re-review on c7a70bafa — all findings from the prior CHANGES_REQUESTED review are addressed at the diff level: package.json and package-lock.json are both pinned to exact 0.1.0-beta.17, caret dropped, and the vue-frag whitespace normalisation is acknowledged in the PR description. No new findings.
Note: only Newman API Test Suite triggered on this head (passed ✅); the Quality workflow (eslint/stylelint/etc.) didn't run on c7a70bafa — that's a CI trigger gap, not a code issue, already noted in the inline thread.
4 participants
Summary
Aligns
@conduction/nextcloud-vuewith the fleet-leading version (^0.1.0-beta.17). OR was on0.1.0-beta.16(1 patch behind, no caret prefix).Single-line bump in
package.json.Audit reference
2026-05-03 OR-abstraction audit, stream 3 (repo hygiene).
Production-app review
OR is in production. Per
feedback_pr-merge-authority.md, this PR awaits explicit user review before merge — even though the diff is mechanical (one line). Note: the^prefix is a deliberate change too (was hardcoded0.1.0-beta.16); converting to caret matches the rest of the fleet's convention.