Allow dependencies to upgrade with non-breaking changes #49
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Using the `^` notation to allow the deps of this package to move forward as long as non-breaking changes are introduced to the dependencies. This will remove 9 out 10 vulnerabilities currently introduced by this package's dependencies.
Allow a manual release with a newer version.
Author
|
Travis tests seem to only enforce linting on PRs, I wonder how can the functional correctness be validated. Could not run |
Author
|
👋 @srl295 how do you suggest to proceed? |
Author
|
👋 @srl295 :) |
Author
|
👋 @srl295 :)) |
Author
|
THANKS! |
Author
|
Can you please update once https://www.npmjs.com/package/cf-client is updated with this release? 🙏 |
Author
|
👋 @jsloyer :) |
Author
|
👋 @jsloyer will keep poking here regarding publishing a new release #sorrynotsorry :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Following a chat on #46 (comment), applying
^to production dependencies' versions to remove vulnerabilities introduced by dependencies.Before: http://snyk.io/test/github/IBM-Cloud/cf-nodejs-client
After: http://snyk.io/test/github/adrukh/cf-nodejs-client