search

zowe / zowe-cli-cics-plugin

Migrated to zowe/cics-for-zowe-client.
https://github.com/zowe/cics-for-zowe-client
Eclipse Public License 2.0
7 stars 11 forks source link

Shrinkwrap + Node:16.13.1 on Jenkinsfile + NPM:8 on GHA #115

Closed zFernand0 closed 2 years ago

codecov[bot] commented 2 years ago

Codecov Report

Merging #115 (b1f101f) into next (6a64659) will decrease coverage by 0.23%. The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##             next     #115      +/-   ##
==========================================
- Coverage   93.52%   93.28%   -0.24%     
==========================================
  Files          74       74              
  Lines         757      760       +3     
  Branches       90       93       +3     
==========================================
+ Hits          708      709       +1     
- Misses         49       51       +2
Impacted Files Coverage Δ
src/api/rest/CicsCmciRestClient.ts 54.79% <0.00%> (-1.55%) :arrow_down:
src/api/methods/define/Define.ts 96.70% <0.00%> (+0.03%) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update e177753...b1f101f. Read the comment docs.

sonarcloud[bot] commented 2 years ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

zFernand0 commented 2 years ago

No more changes planned

gejohnston commented 2 years ago

Have we determined what best practices should be when a developer updates direct dependencies?

If we have recommendations, maybe we should place such text into the README files of each repository under the "Building from source" section, or maybe a new section?

zFernand0 commented 2 years ago

Have we determined what best practices should be when a developer updates direct dependencies?

  • Use npm outdated ?
  • Manually edit package.json
  • Use npm update ?
  • Rerun npm install ?
  • What options might be best for npm shrinkwrap ?

If we have recommendations, maybe we should place such text into the README files of each repository under the "Building from source" section, or maybe a new section?

I don't think we've made a decision on how to update dependencies within npm-shrinkwrap.

Personally, I do like the top-level summary provided by npm outdated even though it may not always work great with prerelease strings (i.e. unexpected latest suggestion) and kind of mixes regular dependencies with dev Dependencies. However, npm outdated seems to only provide the information and we have to make the decision.

The case of npm update should work for transitive dependencies based on their restrictions (~, ^, ...).

I do believe that between npm audit fix and npm update we should be covered in terms of regularly updating the dependencies. These two scripts could be executed right before every Zowe code freeze.

Either way, I think we should update the README files once we decide on cadence and process 😋