Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release 2.0.0 #95

Merged
merged 1 commit into from
Jan 19, 2022
Merged

release 2.0.0 #95

merged 1 commit into from
Jan 19, 2022

Conversation

esarafianou
Copy link
Contributor

Description

  1. Prepares for release 2.0.0, which drops support for Node 8.
  2. Also updates package lock file to version 2 which is backwards compatible to version 1

@esarafianou esarafianou requested a review from a team as a code owner January 13, 2022 14:55
radekk
radekk previously approved these changes Jan 13, 2022
View reviewed changes
Copy link
Contributor

@radekk radekk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏻

gkwang
gkwang requested changes Jan 13, 2022
View reviewed changes
Copy link
Contributor

@gkwang gkwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we update this as well:

node-xml-encryption/package.json

Line 35 in 291f3f1

"node": ">=8"

@gkwang
Copy link
Contributor

gkwang commented Jan 13, 2022
edited

nit: Also do we still want to keep the package-lock file since this is a library and considering it was removed in the previous PR?

release 2.0.0
77ccf3b 
Also updates package lock file to version 2; backwards compatible to
version 1
@esarafianou
Copy link
Contributor Author

@gkwang was the package-lock file ever removed? Based on it's history here: https://github.com/auth0/node-xml-encryption/commits/master/package-lock.json, it's been around since Jan 2020.

@forty
Copy link
Contributor

forty commented Jan 14, 2022

My 2 cents since I'm around ;) having or not a package lock is a recurring debate in npm modules.

It can still make sense to lock the dependencies of libraries, if only for the dev ones, as it makes CI build more reproducible (ie the build won't start failing when there is no change in the repository).

The lock will have no impact on the users of the library as it's not included in the package, and they should do their own locking

gkwang
gkwang approved these changes Jan 14, 2022
View reviewed changes
Copy link
Contributor

@gkwang gkwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. I think we can leave the package-lock around to make some of our tools happy.

@esarafianou esarafianou merged commit 28cc6f1 into master Jan 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gkwang gkwang gkwang approved these changes

@radekk radekk radekk left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@esarafianou @gkwang @forty @radekk