- Updates multiple dev dependency minor versions PR
- Updated Yargs and CLI progress minor versions. Changes should not be significant to this project. PR
- Vulnerability patching for
json5PR - Vulnerability patching for
minimatchPR - Updates TypeScript to v4.9 PR
- Updates minor/patch versions of all dependencies PR
- Adding CLI argument
--prodand a configuration item for only analyzing production dependencies issue change
- Fixed a broken link in the generated docs for the How-To guide on doing a release
- Dropped support for Node 12 as it exited maintenance. Added testing support for Node 18 in it's place.
- Updates yargs to 17.5.1 which dropped support for Node 12
- Updates
cli-progressto 3.11.1 which doesn't have consequences for this project
- Updated several dev dependencies which finally clears up the
eslint-plugin-importvulnerabilities failing the audit pipeline - Updated
yargs17.4.0 -> 17.4.1- This addresses several bugs that I don't believe have an impact on this project
🎉 With the hem and haw of the CHANGELOG all of the previous betas weren't done in a way to nicely rollup for the v1.0.0 release notes. So instead here is a nice list of the features I'm launching this with:
- Everything is organized so that you can directly import
rotten-depsand use it for programmatic report generation. You can also import the individual libraries for processing config and interacting with NPM but this isn't officially supported at this moment.
- You can set a default expiration via the CLI flag
--default-expiration - You can output raw JSON instead of a table using the
--jsonflag - By default you get a nice table display
As mentioned in the main README.md the project uses exit codes to differentiate between a success (no outdated), a warn (some outdated but within compliance windows), and a fail (something is outdated beyond compliance window).
- You can flat out ignore a dependency from the check using the
ignoreproperty of a rule - You can give a dependency it's own compliance window separate from the default expiration
- You can provide a reason for the whitelist to help you remember why you whitelisted it in the first place (e.g. Depends on Bootstrap v1.2.3 upgrade)
- Enables using
--default-expirationCLI flag alongside a config file. In the case of it being specified in both locations the CLI flag value takes precedence. change - Adds
reasonproperty to the rules for making notes on why you whitelisted a dependency change
- Replaces unmaintained typedoc pages plugin change
- Revises the release and config docs. The config docs were missing a property and the formatting was changed for better readability at a glance. change
- Replaces
cli-tablewithcli-table3since the former is no longer maintained
- Adds "days allowed" to the report generator and CLI table which represents either the default config or one for the specific rule. This is to help visualize how a dependency was determined to be outdated. change
- Refactored the report generator so that the requests for package details are now done in parallel instead of sequentially change
- Upgraded to Yargs
v17.xwhich drops support for Nodev10.x. Nodev10.xwill no longer be tested and supported by this project change
- Fixed days outdated being calculated incorrectly change
- Patches Lodash to address command injection in Lodash templates change
- Patches developer dependencies change
- Patches many many more dependencies after a hiatus from the project (didn't keep track of all the PRs)
- Added testing support for Node 16.x
- Dropped support for Node 10.x
- Added docs on contributing to the project change
- Added docs on how the days outdated are determined change
- Changed the format of
CHANGELOG.mdagain change - Fixed typos and linting issues in all of the projects documentation change
- BUG: Issue #3 Fixes issue with generating report before installed
- OPS: Configures CI to fail on outdated
- TOOLS: Creates a script for handling releases
- DOCS: Revises the module header TSDoc
- DOCS: rebuilds README.md
- DOCS: Adds documentation for creating a config file
- DOCS/TOOLS: Patches
typedoc-plugin-pagesto fix inconsistency with the latest version oftypescriptandtypedoc - MINOR: Adds tast to preserve
.nojekyllafter running a docs clean task
- Started drinking our own flavor-aide. Replaced
yarn outdatedwithrotten-deps - Updated dependencies
- adds optional progress bar to report generation using CLI flag
--progress
- fixes 404 github pages by disabling jekyll
- makes
docs/the equivalent todocs/generated/since that's where GitHub pages looks - created
documentation/for the actual user created markdown files
- adds tsdoc for generation of reference docs
- adds tsdoc-pages for inclusion of markdown files in generated reference docs
- fixes issue where
configandnpm-interactionslibraries were not being included in the NPM publish
- @synth3tk added unit of measurement for clarity on grace period docs
- fixed incorrect package name in readme
- enables typescript strict mode and resolves any outstanding issues
- revises documentation
- updates dependencies
- allows CLI usage without a config file by specifying a default grace period for expiration
- converted remaining tests to typescript and dropped babel as a dev dependency since it was no longer needed
- updated dependencies
- adds exit codes for pass, fail, and warn to the CLI
- adds
isStalecheck for dependencies
- upped timeouts for api tests again
- configures mocha for using
.tsfiles - updates tsconfig type config to use mocha and chai types
- configures build to run prior to testing
- indicates in CLI report if a dependency was ignored
- updates dependencies
- installs
sample-appas a pretest hook sincenpm outdatedrelies on your installed version
- suppress config error table when running tests
- add unit tests for the api
- split up github actions for yarn audit, yarn outdated, and build/test
- allows yarn outdated to fail because it constantly fails