-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump semver to 7.5.4 #240
Bump semver to 7.5.4 #240
Conversation
After the first release of this feature the version will always be non-undefined
We should probably create a minor release, after this one, for the security update, and for the new feature. |
@@ -20,13 +20,6 @@ jobs: | |||
sed -i'.bak' \ | |||
-e "s/const setupBeamVersion = '.*'/const setupBeamVersion = '${SHA}'/g" \ | |||
dist/index.js | |||
# it always starts by being 'undefined' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this intentional?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. I mean it's not directly related to my initial intention, but it doesn't always start by being undefined
, since once we change it, it goes to the dist
and then it's not undefined
any more 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I ended up tweaking it more after I tried to do another pull request and run into "issues". (basically we need to update the .js
that we usually do and then run npm run build-dist
instead of only doing the change in the dist
files)
68568e7
to
980f47e
Compare
We stop doing dist vs. src checks on non-main, since main will always run `npm run build-dist` We start changing `src/setup-beam.js` instead of `dist`, so local changes don't show changes to untouched elements We improve on the commit message to show this was not a pull request or human
Description
... as per Dependabot (CVE-2022-25883).