Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(contributing): generate a CONTRIBUTING.md document #10

Open
1 of 14 tasks
gregswindle opened this issue Sep 26, 2017 · 1 comment
Open
1 of 14 tasks

feat(contributing): generate a CONTRIBUTING.md document #10

gregswindle opened this issue Sep 26, 2017 · 1 comment
Assignees
@gregswindle
Labels
Priority: High Status: Available Type: Build Type: CI Type: Docs Type: Feature
Projects
generator-community
Milestone
MVP4: community:c...

Comments

@gregswindle
Copy link
Collaborator

gregswindle commented Sep 26, 2017
edited
Loading

1. Issue type

⌦ Type the letter "x" in the "checkbox" the best describe this issue.

  • Feature: I'm requesting a product enhancement.

2. User story summary

As a repository maintainer,
I need to have a CONTRIBUTING.md document
In order to assist those who want to contribute.

3. Acceptance criteria

  • 1. Maintainers are prompted for their Git branching workflow (feature-branch, Gitflow, or "other")
  • 2. Maintainers are prompted for a URL to their code standards and name (if applicable).
  • 3. Maintainers are prompted for the name and URL to their linter.
  • 4. Maintainers are prompted for their unit testing framework name and URL.
  • 5. Maintainers are prompted for their unit testing Statement, Branch, Method, and Line coverage thresholds.
  • 6. Maintainers are prompted for the name of their Logging library and its URL.
  • 7. Maintainers are prompted for their conventional commit message style (jQuery or Angular).
  • 8. Maintainers are prompted for their product's programing language.
  • 9. Maintainers are prompted for their product's dependency manager.
  • 10. Maintainers are prompted for the path to their product manifest.
  • 11. Maintainers are asked whether to include a section for RESTful APIs.
  • 12. A CONTRIBUTING.md document is generated based on the answers provided.
  • 13. The README.md document has been updated to reflect new features.
@gregswindle gregswindle added this to Backlog in generator-community Sep 26, 2017
@gregswindle gregswindle self-assigned this Sep 30, 2017
gregswindle added a commit that referenced this issue Sep 30, 2017
@gregswindle
build(packages): update dependencies
33060fd 
1. generator-node@2.3.0
2. markdown-magic@0.1.19
3. yeoman-generator@2.0.1
4. babel-jest@21.2.0
5. coveralls@2.13.3
6. eslint@4.8.0
7. eslint-plugin-jest@21.2.0
8. eslint-plugin-node@5.2.0
9. jest@21.2.1
10. jest-cli@21.2.1.
11. nsp@2.8.1

#10
gregswindle added a commit that referenced this issue Sep 30, 2017
@gregswindle
build(contribute): add initial resources
ad9b4c8 
#10
@gregswindle gregswindle mentioned this issue Sep 30, 2017
Open
4 tasks
@gregswindle
Copy link
Collaborator Author

This sucks, since the whole point of including generator-node was to composeWith its existing features and avoid duplication:

nsp check

(+) 5 vulnerabilities found
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│               │ Regular Expression Denial of Service                                                                                                              │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Name          │ debug                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ CVSS          │ 3.7 (Low)                                                                                                                                         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.6.8                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                                                                                                     │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                                                                                                      │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Path          │ generator-community@0.0.0 > generator-license@5.1.0 > yeoman-generator@1.1.1 > debug@2.6.8                                                        │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/534                                                                                                            │
└───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│               │ Regular Expression Denial of Service                                                                                                              │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Name          │ debug                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ CVSS          │ 3.7 (Low)                                                                                                                                         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.6.8                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                                                                                                     │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                                                                                                      │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Path          │ generator-community@0.0.0 > generator-license@5.1.0 > yeoman-generator@1.1.1 > yeoman-environment@2.0.3 > debug@2.6.8                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/534                                                                                                            │
└───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│               │ Regular Expression Denial of Service                                                                                                              │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Name          │ debug                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ CVSS          │ 3.7 (Low)                                                                                                                                         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.6.8                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                                                                                                     │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                                                                                                      │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Path          │ generator-community@0.0.0 > generator-node@2.3.0 > generator-jest@1.4.1 > yeoman-generator@2.0.1 > yeoman-environment@2.0.3 > debug@2.6.8         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/534                                                                                                            │
└───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│               │ Regular Expression Denial of Service                                                                                                              │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Name          │ debug                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ CVSS          │ 3.7 (Low)                                                                                                                                         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.6.8                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                                                                                                     │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                                                                                                      │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Path          │ generator-community@0.0.0 > generator-node@2.3.0 > yeoman-generator@1.1.1 > debug@2.6.8                                                           │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/534                                                                                                            │
└───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│               │ Regular Expression Denial of Service                                                                                                              │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Name          │ debug                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ CVSS          │ 3.7 (Low)                                                                                                                                         │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.6.8                                                                                                                                             │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                                                                                                     │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                                                                                                      │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Path          │ generator-community@0.0.0 > yeoman-generator@2.0.1 > yeoman-environment@2.0.3 > debug@2.6.8                                                       │
├───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/534                                                                                                            │
└───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

I'll either have to

  • Create my own generators, or
  • Submit PRs to the offending generators.

Although I'd like to do the latter, yeoman-generator's latest version introduced breaking changes, so it's not as easy as it looks. 😧

@gregswindle gregswindle moved this from Backlog to In Progress in generator-community Sep 30, 2017
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
build(security): update nested packages when possible
2fb2209 
1. 💡 Run npm --depth 20 update
2. Set snyk to ignore shelljs@0.7.8 for 30 days, as there's no fix in site

#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
fix(sonar rule S2424): fix overriden class
e2def09 
See https://sonarcloud.io/organizations/default/rules#rule_key=javascript%3AS2424

#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
docs(license): update license NOTICE
2448758 
#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
docs(changelog): add copy and goal
9c8218b 
#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
style(semicolon): remove code smell
3161a79 
#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
docs(readme): update contributing section
c2c3e5e 
#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
ci(snyk): only invoke snyk during travis builds
531842c 
Running snyk locally is exhausting my "private" licenses 😟

#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
test(license): achieve 100% coverage
f8bf58d 
#10,#14
gregswindle added a commit that referenced this issue Nov 16, 2017
@gregswindle
test(snyk): disable snyk
6a84f26 
Need to execute only in .travis.yml file, since it breaks
Appveyor builds.

#10,#14
@gregswindle gregswindle mentioned this issue Oct 19, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gregswindle gregswindle

Labels
Priority: High Status: Available Type: Build Type: CI Type: Docs Type: Feature
Projects
generator-community
  
In Progress
Milestone
MVP4: community:contribute
Development

No branches or pull requests
1 participant
@gregswindle