Conversation
legendecas
force-pushed
the
npm_workspace
branch
2 times, most recently
from
60d9ce8 to
edf046f
Compare
|
Going to merge this addressing a security advisary. |
| "node-addon-api": "^8.1.0" | ||
| }, | ||
| "scripts": { | ||
| "install": "node-gyp rebuild && node test" |
There was a problem hiding this comment.
is this intentional to remove node test as well?
There was a problem hiding this comment.
Yes, the test should not run on install script.
| on: | ||
| push: | ||
| pull_request: | ||
| schedule: |
There was a problem hiding this comment.
this cron exists for a reason, means to test nodejs nightly build. should be keep this if there is a strong reason.
There was a problem hiding this comment.
The CI does not test Node.js nightly builds, as it uses the actions/setup-node GitHub Action:
node-addon-examples/.github/workflows/nodejs.yml
Lines 26 to 29 in 1f9a247
with:
Now that we use a package-lock.json with npm ci, there should be no changes across runs when there are no source and/or dependency changes.
There was a problem hiding this comment.
nope
There was a problem hiding this comment.
Ah I didn't see the other job. Thanks for pointing that out!
Well that's weird. I don't see why we would need to test with Node.js nightly, e.g. node-addon-api doesn't do it. The only thing that tests Node-API with nightly is the Node.js core repo itself...
There was a problem hiding this comment.
I don't have strong opinon on this cron job as long as we pin dependencies.
Reverted this removal.
legendecas
force-pushed
the
npm_workspace
branch
from
9787fe9 to
076d5fc
Compare
|
Hmm, strange. The CI failed for |
legendecas
force-pushed
the
npm_workspace
branch
from
076d5fc to
17b1da4
Compare
|
Ah, #620 merged. |
github-project-automation
bot
moved this from Need Triage
to Done
in Node-API Team Project
4 participants
This pins all dependencies with a workspace
package-lock.json(excluding thewebsite/folder)