Skip to content

release 2.0.0#95

Merged
esarafianou merged 1 commit intomasterfrom
release_v2
Jan 19, 2022
Merged

release 2.0.0#95
esarafianou merged 1 commit intomasterfrom
release_v2

Conversation

@esarafianou
Copy link
Contributor

@esarafianou esarafianou commented Jan 13, 2022

Description

  1. Prepares for release 2.0.0, which drops support for Node 8.
  2. Also updates package lock file to version 2 which is backwards compatible to version 1

@esarafianou esarafianou requested a review from a team as a code owner January 13, 2022 14:55
radekk
radekk previously approved these changes Jan 13, 2022
View reviewed changes
Copy link
Contributor

@radekk radekk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏻

gkwang
gkwang requested changes Jan 13, 2022
View reviewed changes
Copy link
Contributor

@gkwang gkwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we update this as well:

node-xml-encryption/package.json

Line 35 in 291f3f1

"node": ">=8"

@gkwang
Copy link
Contributor

gkwang commented Jan 13, 2022
edited
Loading

nit: Also do we still want to keep the package-lock file since this is a library and considering it was removed in the previous PR?

release 2.0.0
77ccf3b 
Also updates package lock file to version 2; backwards compatible to
version 1
@esarafianou
Copy link
Contributor Author

esarafianou commented Jan 14, 2022

@gkwang was the package-lock file ever removed? Based on it's history here: https://github.com/auth0/node-xml-encryption/commits/master/package-lock.json, it's been around since Jan 2020.

@forty
Copy link
Contributor

forty commented Jan 14, 2022

My 2 cents since I'm around ;) having or not a package lock is a recurring debate in npm modules.

It can still make sense to lock the dependencies of libraries, if only for the dev ones, as it makes CI build more reproducible (ie the build won't start failing when there is no change in the repository).

The lock will have no impact on the users of the library as it's not included in the package, and they should do their own locking

gkwang
gkwang approved these changes Jan 14, 2022
View reviewed changes
Copy link
Contributor

@gkwang gkwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. I think we can leave the package-lock around to make some of our tools happy.

@esarafianou esarafianou merged commit 28cc6f1 into master Jan 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gkwang gkwang gkwang approved these changes

+1 more reviewer

@radekk radekk radekk left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@esarafianou @gkwang @forty @radekk