-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updates dependencies and ups version to 0.0.10 #85
base: main
Are you sure you want to change the base?
Conversation
* `babel-plugin-istanbul` `6.0.0 -> 6.1.1` * `webpack-cli` `4.9.0 -> 4.9.1`
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I followed the Setup instructions in the README.
When I run npm install
, I get the message
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I'll try to do my best with it!
After it has installed, the lockfileVersion gets set to 1
, so perhaps something isn't documented correctly?
npm --version
gives me 6.14.11
, which is the one installed when I ran nvm install 14.16.0
. Perhaps you also need to add how to update NPM? I think it's npm install -g npm
Thanks @danielthepope I think I've built it with a more recent version of npm ( |
I would suggest using whatever is being offered in the latest LTS release, but I'm not up to date with "how things are developed in Node", so I think you should ask someone who is more in the know. e.g. are there security implications with using the older version of NPM? |
* `babel-loader` `8.2.2 -> 8.2.3` * `webpack` `5.58.2 -> 5.59.1`
Most recent LTS version of node. Hopefully addresses @danielthepope 's review comment.
I've switched to the latest LTS version of nvm, which is currently 14.8.1, and the latest version of npm, which is 8.1.1 and updated the README to reflect those, so hopefully that will address your comments @danielthepope The suggestion in the README is now to use |
OK, that's much better. The only thing I would point out now is the version mismatch between package.json and package-lock.json. When I ran |
Tracking pull request, addresses vulnerabilities