Closed dbashford closed 4 years ago
Merging #92 into master will not change coverage. The diff coverage is
100%
.
@@ Coverage Diff @@
## master #92 +/- ##
=====================================
Coverage 100% 100%
=====================================
Files 10 10
Lines 617 622 +5
Branches 94 94
=====================================
+ Hits 617 622 +5
Impacted Files | Coverage Δ | |
---|---|---|
lib/ipv6.js | 100% <100%> (ø) |
:arrow_up: |
lib/ipv4.js | 100% <100%> (ø) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 40a9832...19b63d3. Read the comment docs.
as noted in that issue we can’t use the individual libraries because they suffer from security vulnerabilities and have not been updated in some time—i’ll see what may be possible for the few lodash methods we use
On Sat, Aug 31 2019 at 19:25, notifications@github.com wrote:
Codecov https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=h1 Report
Merging #92 https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=desc into master https://codecov.io/gh/beaugunderson/ip-address/commit/40a98327cbc8fec024bae7d6667249fb4238d461?src=pr&el=desc will not change coverage. The diff coverage is 100%.
[image: Impacted file tree graph] https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=tree
@@ Coverage Diff @@
master #92 +/-
=====================================
Coverage 100% 100%
=====================================
Files 10 10
Lines 617 622 +5
Branches 94 94
=====================================
- Hits 617 622 +5
Impacted Files https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=tree Coverage Δ lib/ipv6.js https://codecov.io/gh/beaugunderson/ip-address/pull/92/diff?src=pr&el=tree#diff-bGliL2lwdjYuanM= 100% <100%> (ø) [image: ⬆]️ lib/ipv4.js https://codecov.io/gh/beaugunderson/ip-address/pull/92/diff?src=pr&el=tree#diff-bGliL2lwdjQuanM= 100% <100%> (ø) [image: ⬆]️
Continue to review full report at Codecov https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=continue .
Legend - Click here to learn more https://docs.codecov.io/docs/codecov-delta Δ = absolute
(impact), ø = not affected, ? = missing data Powered by Codecov https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=footer. Last update 40a9832...19b63d3 https://codecov.io/gh/beaugunderson/ip-address/pull/92?src=pr&el=lastupdated. Read the comment docs https://docs.codecov.io/docs/pull-request-comments . — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/beaugunderson/ip-address/pull/92?email_source=notifications&email_token=AAAPCX3CEYMA32IUDCMBKALQHMRYHA5CNFSM4ISVLB2KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TY3LY#issuecomment-526880175, or mute the thread https://github.com/notifications/unsubscribe-auth/AAAPCX4CTNGDGBX7REYBRA3QHMRYHANCNFSM4ISVLB2A .
npm audit
doesn't turn up any security issues for any of these new packages
lodash.merge
was updated 2 months ago. I don't believe the packages are updated unless something in them changes. Lodash updates frequently, but they don't publish new versions of these smaller libraries unless it is warranted. Functions like padstart
/max
/repeat
are probably pretty rock solid and don't require much upkeep.
fine to go back to using them then [image: 👍]
On Sat, Aug 31 2019 at 20:41, notifications@github.com wrote:
npm audit doesn't turn up any security issues for any of these new packages
lodash.merge was updated 2 months ago. I don't believe the packages are updated unless something in them changes. Lodash updates frequently, but they don't publish new versions of these smaller libraries unless it is warranted. Functions like padstart/max/repeat are probably pretty rock solid and don't require much upkeep.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/beaugunderson/ip-address/pull/92?email_source=notifications&email_token=AAAPCX26347GBZ6YGBOI76LQHM2VTA5CNFSM4ISVLB2KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TZTTA#issuecomment-526883276, or mute the thread https://github.com/notifications/unsubscribe-auth/AAAPCX5N7XM63C2PR4MAVDLQHM2VTANCNFSM4ISVLB2A .
Can this be merged and released please?
thanks for the bump @alanshaw; I'll release a new version momentarily
released in 6.2.0.
and thanks for the fix @dbashford!
👋
Also having the problem reported here. Quick fix here replaces the monolith with a few smaller libraries pulled out of the original.
The lodash versions are often still decent in size as they have to accommodate a somewhat expansive API. May be good in some cases to replace those with smaller libraries with smaller APIs or potentially yank some code in from somewhere. I'm reluctant to do any replacing as I am unsure what sorts of cases other than the obvious that calls like
max
andpadStart
require.