Open fluffynuts opened 4 years ago
Hi @fluffynuts I am a little busy, that's why the project did not have many updates. If you have time, I would love to have more maintainers join me and help you here. Would you like to collaborate?
I would like to! Perhaps what I need to do is create a PR with the smallest update: updating deps to solve npm audit
issues? Does that sound like a plan? I see that there are some automated dependabot PRs for deps -- perhaps accept them so I can fork & solve anything that's outstanding? Those dependabot PRs don't mention lodash, but that's what npm audit
mentioned for me when installing pre-git
@bahmutov I'd still like to help with this - there are a bunch of dependabot PRs outstanding and I don't want to conflict with them if doing a PR
OTOH, I have an idea for a useful feature (imo): the "allow-untracked-files" setting is really useful, but I'd like to be able to configure it for specific git actions, not blanket on/off. To explain: I recently did some work where I wanted to break the work up into 3 separate commits and pre-git blocked me. I want to gate pushes, since tests are run at push-time, so if there are outstanding commits, passing tests possibly don't mean anything, but I'd like to allow committing piece-meal. The suggestion is to make "allow-untracked-files" accept either a boolean or an array of git operations, eg ["commit", "push"]
or ["push"]
(what I'd want). Your thoughts? pre-git
is still a vital part of our workflows, so the project is very-much useful (:
Let me invite you to maintain this @fluffynuts
Thanks, I've accepted. Would you like me to make changes in pull requests to start with so you can vet them? Will you be available to publish once changes are approved? Off the bat, I'd like to just sort out npm audit issues, but I'd really also like fine-grained control over untracked files, as outlined above.
Hi
I (and others) use this project quite extensively. I've noticed that the lodash dep brought in is marked as vulnerable, so I was going to ask if that could be updated; however it looks like the issues that are currently logged here have been stagnant for a while, so I'm wondering if the project is still maintained? If not, I may be tempted to fork if for no other reason than to update vulnerable dependencies.