- Updates multiple dev dependency minor versions PR
- Updated Yargs and CLI progress minor versions. Changes should not be significant to this project. PR
- Vulnerability patching for
json5
PR - Vulnerability patching for
minimatch
PR - Updates TypeScript to v4.9 PR
- Updates minor/patch versions of all dependencies PR
- Adding CLI argument
--prod
and a configuration item for only analyzing production dependencies issue change
- Fixed a broken link in the generated docs for the How-To guide on doing a release
- Dropped support for Node 12 as it exited maintenance. Added testing support for Node 18 in it's place.
- Updates yargs to 17.5.1 which dropped support for Node 12
- Updates
cli-progress
to 3.11.1 which doesn't have consequences for this project
- Updated several dev dependencies which finally clears up the
eslint-plugin-import
vulnerabilities failing the audit pipeline - Updated
yargs
17.4.0 -> 17.4.1- This addresses several bugs that I don't believe have an impact on this project
🎉 With the hem and haw of the CHANGELOG all of the previous betas weren't done in a way to nicely rollup for the v1.0.0 release notes. So instead here is a nice list of the features I'm launching this with:
- Everything is organized so that you can directly import
rotten-deps
and use it for programmatic report generation. You can also import the individual libraries for processing config and interacting with NPM but this isn't officially supported at this moment.
- You can set a default expiration via the CLI flag
--default-expiration
- You can output raw JSON instead of a table using the
--json
flag - By default you get a nice table display
As mentioned in the main README.md
the project uses exit codes to differentiate between a success (no outdated), a warn (some outdated but within compliance windows), and a fail (something is outdated beyond compliance window).
- You can flat out ignore a dependency from the check using the
ignore
property of a rule - You can give a dependency it's own compliance window separate from the default expiration
- You can provide a reason for the whitelist to help you remember why you whitelisted it in the first place (e.g. Depends on Bootstrap v1.2.3 upgrade)
- Enables using
--default-expiration
CLI flag alongside a config file. In the case of it being specified in both locations the CLI flag value takes precedence. change - Adds
reason
property to the rules for making notes on why you whitelisted a dependency change
- Replaces unmaintained typedoc pages plugin change
- Revises the release and config docs. The config docs were missing a property and the formatting was changed for better readability at a glance. change
- Replaces
cli-table
withcli-table3
since the former is no longer maintained
- Adds "days allowed" to the report generator and CLI table which represents either the default config or one for the specific rule. This is to help visualize how a dependency was determined to be outdated. change
- Refactored the report generator so that the requests for package details are now done in parallel instead of sequentially change
- Upgraded to Yargs
v17.x
which drops support for Nodev10.x
. Nodev10.x
will no longer be tested and supported by this project change
- Fixed days outdated being calculated incorrectly change
- Patches Lodash to address command injection in Lodash templates change
- Patches developer dependencies change
- Patches many many more dependencies after a hiatus from the project (didn't keep track of all the PRs)
- Added testing support for Node 16.x
- Dropped support for Node 10.x
- Added docs on contributing to the project change
- Added docs on how the days outdated are determined change
- Changed the format of
CHANGELOG.md
again change - Fixed typos and linting issues in all of the projects documentation change
- BUG: Issue #3 Fixes issue with generating report before installed
- OPS: Configures CI to fail on outdated
- TOOLS: Creates a script for handling releases
- DOCS: Revises the module header TSDoc
- DOCS: rebuilds README.md
- DOCS: Adds documentation for creating a config file
- DOCS/TOOLS: Patches
typedoc-plugin-pages
to fix inconsistency with the latest version oftypescript
andtypedoc
- MINOR: Adds tast to preserve
.nojekyll
after running a docs clean task
- Started drinking our own flavor-aide. Replaced
yarn outdated
withrotten-deps
- Updated dependencies
- adds optional progress bar to report generation using CLI flag
--progress
- fixes 404 github pages by disabling jekyll
- makes
docs/
the equivalent todocs/generated/
since that's where GitHub pages looks - created
documentation/
for the actual user created markdown files
- adds tsdoc for generation of reference docs
- adds tsdoc-pages for inclusion of markdown files in generated reference docs
- fixes issue where
config
andnpm-interactions
libraries were not being included in the NPM publish
- @synth3tk added unit of measurement for clarity on grace period docs
- fixed incorrect package name in readme
- enables typescript strict mode and resolves any outstanding issues
- revises documentation
- updates dependencies
- allows CLI usage without a config file by specifying a default grace period for expiration
- converted remaining tests to typescript and dropped babel as a dev dependency since it was no longer needed
- updated dependencies
- adds exit codes for pass, fail, and warn to the CLI
- adds
isStale
check for dependencies
- upped timeouts for api tests again
- configures mocha for using
.ts
files - updates tsconfig type config to use mocha and chai types
- configures build to run prior to testing
- indicates in CLI report if a dependency was ignored
- updates dependencies
- installs
sample-app
as a pretest hook sincenpm outdated
relies on your installed version
- suppress config error table when running tests
- add unit tests for the api
- split up github actions for yarn audit, yarn outdated, and build/test
- allows yarn outdated to fail because it constantly fails