-
-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add NPM autodiscovery #1065
Add NPM autodiscovery #1065
Conversation
Signed-off-by: Olblak <me@olblak.com>
Well in fact it should ignore any non semver version https://docs.npmjs.com/cli/v6/configuring-npm/package-json#dependencies |
npm package allows dots in name such as "highlight.js" which is not compatible with the current json key. |
After a night thinking on this, I realize that I took a different path than Dependabot. On the other side, Dependabot proposes a version bump following the same version pattern so it would propose I do prefer to assume that a version constraint specified in a package.json has a meaning that Updatecli shouldn't override |
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
…ailable Signed-off-by: Olblak <me@olblak.com>
I improved the crawler to add an additional target to cleanup the lock file generated by yarn or npm.
I am now facing two additional issues
Working on #942 could solve the current issues |
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Update on my testing of this pullrequest. The "file/checksum" shell success criteria doesn't fully solve my problem. As it checks if a file changed or not, in dry-run mode, Updatecli do not detect if a file should be changed even though the console output correctly display a change such as
|
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
Signed-off-by: Olblak <me@olblak.com>
…autodiscovery/npm
Signed-off-by: Olblak me@olblak.com
Dependson:
Add npm autodiscovery to bump any version specified as
dependencies
ordevDependencies
specified in apackage.json
Updatecli ignores version bump for the following scenarios
package.json
innode_modules
directoriesExample
Manifest
Click to expand
Pipeline Run
Click to expand
Test
To test this pull request, you can run the following commands:
Additional Information
Tradeoff
Potential improvement