Skip to content

Use npm to manage Markdown tool dependencies #783

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 16, 2024
Merged

Use npm to manage Markdown tool dependencies #783

merged 1 commit into from
Oct 16, 2024

Conversation

per1234
Copy link
Contributor

@per1234 per1234 commented Oct 16, 2024

The project uses several tools for development and validation of Markdown files. Previously, the version of the tools used was not controlled. This was problematic because:

  • A different version of the tool may be used on the contributor's machine than on the CI runner, resulting in confusing failures.
  • The project is immediately subject to disruption or breakage resulting from a release of the tool.

The new approach is to specify the version of the tools via the standard npm metadata files (package.json + package-lock.json), providing the following benefits:

  • Enables automated updates via Dependabot PRs
  • Enables automated vulnerability alerts

@per1234 per1234 added type: enhancement Proposed improvement topic: infrastructure Related to project infrastructure labels Oct 16, 2024
@per1234 per1234 self-assigned this Oct 16, 2024
@codecov Codecov
Copy link

codecov bot commented Oct 16, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 90.05%. Comparing base (d43d267) to head (51b3eac).
Report is 10 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #783   +/-   ##
=======================================
  Coverage   90.05%   90.05%           
=======================================
  Files          44       44           
  Lines        6800     6800           
=======================================
  Hits         6124     6124           
  Misses        553      553           
  Partials      123      123
Flag Coverage Δ
unit 90.05% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@per1234
Use npm to manage Markdown tool dependencies
51b3eac 
The project uses several tools for development and validation of Markdown files. Previously, the version of the tools
used was not controlled. This was problematic because:

- A different version of the tool may be used on the contributor's machine than on the CI runner, resulting in confusing
  failures.
- The project is immediately subject to disruption or breakage resulting from a release of the tool.

The new approach is to specify the version of the tools via the standard npm metadata files (package.json +
package-lock.json), providing the following benefits:

- Enables automated updates via Dependabot PRs
- Enables automated vulnerability alerts
@per1234 per1234 force-pushed the check-markdown-npm branch from c699dab to 51b3eac Compare October 16, 2024 03:24
@per1234 per1234 merged commit 32fbff1 into arduino:main Oct 16, 2024
66 of 67 checks passed
@per1234 per1234 deleted the check-markdown-npm branch October 16, 2024 05:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@per1234 per1234

Labels
topic: infrastructure Related to project infrastructure type: enhancement Proposed improvement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@per1234