Release 0.3.17 (template updates) - ?? #1076
Conversation
|
@Feder1co5oave: Are we in the forcing merges despite failing tests phase?? |
|
Currently, we are. We haven't been in an "all tests passing" status for a long time. Once we fix that test case, we'll make sure that new PRs don't introduce new failing tests. |
|
Think this now covers all the feedback in #1075 except what's under the "input" header - maybe a different issue or conversation. Taking out the WIP part. |
|
Note: Leaving in the possibility that the release doesn't actually change the library because we may need to change the README or something without actually changing the code...not sure NPM updates that without publishing a version...could be totally wrong (NPM is definitely different than Packagist). If we can update the README displayed on NPM without publishing an update to NPM - let me know and will definitely take that part out. |
|
NPM requires publishing a new version to update the README. It should be a patch update like with |
|
I suppose I could always rollback on my branch but let's see if we can do it this way.
@Feder1co5oave, @UziTech, and @styfle: Broke and fixed some things. |
|
[edit]: Should not have that problem again... We also have bigger fish to fry, I think right now regarding the REDOS thing. The changes being made by this PR, beyond the actual package code, are minor and can be easily changed in future. |
|
I really thought it obvious that release PRs should only be about releasing and nothing else. Since it is not, I'm now proposing that they are, and to make this a hard rule to follow. Releasing to npm just to update template changes that are specific to github is nonsense, because they're used only by github. We shouldn't release unless we've got a real reason to. Is this supposed to be a draft? |
| @@ -41,7 +41,7 @@ | |||
| "bench": "node test --bench", | |||
| "lint": "eslint --fix lib/marked.js test/index.js", | |||
| "build": "uglifyjs lib/marked.js -cm --comments /Copyright/ -o marked.min.js", | |||
| "preversion": "npm run build" | |||
| "preversion": "npm run build && (git diff --quiet || git commit -am 'minify')" | |||
There was a problem hiding this comment.
This was a recommendation from @UziTech. Basically instead of build then commit min...let NPM + Git do it for us. As far as the details of what Git is actually doing I would have to read the docs.
I agree with @Feder1co5oave 💯 |
|
@styfle: I agree with @Feder1co5oave as well regarding releasing when we need to not because of some updates to documentation, which is not what caused this PR to become a release. And we have a reason. I really feel like I'm getting a little beat up over something that I was actually doing to try and help fix a problem. Not only that, but now we have a bunch of reasons to do a release. @Feder1co5oave: Yes, that's supposed to be a draft - I suppose in my zeal and excitement of getting testing updated, the DOS solution in place, having solid docs up on the board, improving the processes and templates for us, having our first contributor who wasn't the four of us report and fix something, and so on, I accidentally hit publish instead of save draft...again, accidents happen... Gotta step away for a minute, I think...been a busy day on here. |
|
Actually I still see it as a draft release...with all the updates as to why it's a release. And, once we merge in #1083 - we got one more reason to do a release.
|
|
@joshbruce
To quote @Feder1co5oave
|
|
@joshbruce I now see it as a draft too. I think the new v0.3.17 tag confused me(?) |
|
@styfle: Agreed. I accidentally pulled master in a way that brought the release-worthy PR submission from @Feder1co5oave into this branch because I was on it. [edit] I also accidentally merged something before we finished the 0.3.16 release on GitHub, which means we technically could not do one, because it would be out of sync with NPMJS; therefore, updated the process accordingly. Given the overall state of things - I don't think it's the end of the world. NPM and GitHub releases are two completely different things - and neither one has actually happened yet for 0.3.17. So, if we review the templates - without getting hung up on how we got here - approve them (which I've been using them all day today anyway).
Then our potential future contributors get updated docs (including the AUTHORS file to start working on governance and community things), we get updated checklists that are cleaner, and even a security vulnerability check to boot. @Feder1co5oave: Yeah. The tag thing confused me as well. Not sure what's going on there. ps. Even if we don't like these templates...we can update them in pretty short order. I'm more concerned with Marked ending up on the blacklist again and us sticking so much to process that we can't handle accidents committed by contributors easily...including within the ring of committers. |
|
We also get the improvements to the testing harness submitted by @UziTech and @davisjam. Yes, they should be two separate PRs. Yes, up to this point, they always have been. Yes, in the future, given the updated checklists, it should be harder to have something like this happen again. [edit] No, I don't think it needs to be a hard and fast rule...I don't do well with hard rules when it comes to processes; there's always an exception that will happen and the rule should not be (or, in this case, doesn't necessarily have to be) followed. |
Release 0.3.17 (template updates) - ??
Description
Submitter
$ npm versionhas been run.masterwith correct version number.$ npm publishhas been run.Note: If merges to
masteroccur after submitting this PR and before running$ npm pubishyou should be able toupstream/masterinto the branch holding this version,$ npm run buildto regenerate theminfile, andReviewer
package.jsonhas been updated (see RELEASE.md).marked.min.jshas been updated; or,