Releases: ominestre/rotten-deps
Releases · ominestre/rotten-deps
v2.1.2
v2.1.1
v2.1.0
v2.0.0
v2.0.0
Breaking
- Dropped support for Node 12 as it exited maintenance. Added testing support for Node 18 in it's place.
Dependencies
- Updates yargs to 17.5.1 which dropped support for Node 12
- Updates
cli-progressto 3.11.1 which doesn't have consequences for this project
v1.0.1
v1.0.1
Dependencies
- Updated several dev dependencies which finally clears up the
eslint-plugin-importvulnerabilities failing the audit pipeline - Updated
yargs17.4.0 -> 17.4.1- This addresses several bugs that I don't believe have an impact on this project
v1.0.0 The Big Reveal
v1.0.0
🎉 With the hem and haw of the CHANGELOG all of the previous betas weren't done in a way to nicely rollup for the v1.0.0 release notes. So instead here is a nice list of the features I'm launching this with:
API
- Everything is organized so that you can directly import
rotten-depsand use it for programmatic report generation. You can also import the individual libraries for processing config and interacting with NPM but this isn't officially supported at this moment.
CLI
- You can set a default expiration via the CLI flag
--default-expiration - You can output raw JSON instead of a table using the
--jsonflag - By default you get a nice table display
Exit codes for CI
As mentioned in the main README.md the project uses exit codes to differentiate between a success (no outdated), a warn (some outdated but within compliance windows), and a fail (something is outdated beyond compliance window).
Configuration
- You can flat out ignore a dependency from the check using the
ignoreproperty of a rule - You can give a dependency it's own compliance window separate from the default expiration
- You can provide a reason for the whitelist to help you remember why you whitelisted it in the first place (e.g. Depends on Bootstrap v1.2.3 upgrade)
v1.0.0-beta.26
v1.0.0-beta.26
Enhancement
- Enables using
--default-expirationCLI flag alongside a config file. In the case of it being specified in both locations the CLI flag value takes precedence. change - Adds
reasonproperty to the rules for making notes on why you whitelisted a dependency change
Documentation
- Replaces unmaintained typedoc pages plugin change
- Revises the release and config docs. The config docs were missing a property and the formatting was changed for better readability at a glance. change
Chores
- Replaces
cli-tablewithcli-table3since the former is no longer maintained
v1.0.0-beta.25 The Second Derustening
1.0.0-beta.25
Enhancements
- Adds "days allowed" to the report generator and CLI table which represents either the default config or one for the specific rule. This is to help visualize how a dependency was determined to be outdated. change
- Refactored the report generator so that the requests for package details are now done in parallel instead of sequentially change
- Upgraded to Yargs
v17.xwhich drops support for Nodev10.x. Nodev10.xwill no longer be tested
and supported by this project change
Fixes
- Fixed days outdated being calculated incorrectly change
Chores
- Patches Lodash to address command injection in Lodash templates change
- Patches developer dependencies change
- Patches many many more dependencies after a hiatus from the project (didn't keep track of all the PRs)
- Added testing support for Node 16.x
- Dropped support for Node 10.x
Documentation
v1.0.0-beta.24
- BUG: Issue #3 Fixes issue with generating report before installed
- OPS: Configures CI to fail on outdated
- TOOLS: Creates a script for handling releases
- DOCS: Revises the module header TSDoc
Beta 22
v1.0.0-beta.22
- Started drinking our own flavor-aide. Replaced
yarn outdatedwithrotten-deps - Updated dependencies