This release contains no changes to SDK functionality. It differs from 5.14.5 only in that the NPM lockfile package-lock.json has been removed from source control (a change that was already made in 6.x, but had not been backported to the 5.x maintenance branch util now).
The lockfile does not affect the dependencies that are loaded when an application uses the SDK, because NPM only pays attention to the lockfile of the root project (the application). Running a security scan on the node-server-sdk project produced false results, since the scanner would look at the dependency versions that were current at the time the lockfile was generated-- not the versions that would now be used if an application installed the SDK.
[5.14.6] - 2022-03-25
This release contains no changes to SDK functionality. It differs from 5.14.5 only in that the NPM lockfile
package-lock.json
has been removed from source control (a change that was already made in 6.x, but had not been backported to the 5.x maintenance branch util now).The lockfile does not affect the dependencies that are loaded when an application uses the SDK, because NPM only pays attention to the lockfile of the root project (the application). Running a security scan on the
node-server-sdk
project produced false results, since the scanner would look at the dependency versions that were current at the time the lockfile was generated-- not the versions that would now be used if an application installed the SDK.