search

StackStorm / st2chatops

Packaging environment for building StackStorm chatops native packages
Apache License 2.0
32 stars 41 forks source link

Update hubot-stackstorm to 0.10.3 #150

Closed blag closed 4 years ago

blag commented 4 years ago

Update hubot-stackstorm to version 0.10.3 to pull in StackStorm/hubot-stackstorm#203 which pulled in st2client.js version 1.2.2 from StackStorm/st2client.js#76.

I had to manually add the minimum amount of changes to npm-shrinkwrap.json - we will need to update it fully in StackStorm/st2chatops#133.

@armab As the release manager for version 3.2, I'll leave this to you to merge.

arm4b commented 4 years ago

Thanks!

Because adding package-lock.json in https://github.com/StackStorm/st2client.js/pull/77 uncovered a can of worms in dependencies https://github.com/StackStorm/st2client.js/network/alerts and so this PR is not enough to mitigate st2chatops issues, I will postpone this PR to v3.2.1 which will be dedicated to both st2web and st2chatops security dependencies fixes.

arm4b commented 4 years ago

@nmaludy I'm also + :100: if we add the Changelog. https://github.com/StackStorm/st2chatops/issues/149 can be done anytime, someone just need to get through the history of at least 1 full release and nicely compose them in a meaningful changelog list as a new PR.

blag commented 4 years ago

Related: StackStorm/st2client.js#79 - all of them are just devDependencies though, so it won't affect production.