Skip to content
This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

Releases: Financial-Times/n-gage

Don't run npm update in Heroku postbuild task

12 Apr 13:32
1ae4a94
Compare
Choose a tag to compare

What's Changed

Full Changelog: v9.0.0...v9.0.1

Upgrade to Node 14 + 16 and npm 7 + 8

21 Mar 14:18
8b8ce6b
Compare
Choose a tag to compare

What's Changed

Breaking Changes

  • Dropped support for Node 12
  • Dropped support for npm 6

n-gage is unsupported. FT.com projects should migrate to Tool Kit.

New Contributors

Full Changelog: v8.3.2...v9.0.0

Remove secret-squirrel commitmsg

23 Jul 09:14
4c0e306
Compare
Choose a tag to compare
v8.3.2

Merge pull request #257 from Financial-Times/CPP-544-remove-secret-sq…

Force globs to respect Git wildcard characters and eslint-config-next update

12 Jul 10:47
68a21cc
Compare
Choose a tag to compare

Force globs to respect Git wildcard characters, contains a potential breaking change, #256 :

Fixing this bug might mean other developers who are using git clients that set --literal-pathspecs will start getting githook errors where previously they were getting false negatives. Obviously, this is the correct behaviour but it might be disruptive. The GLOB function is only called from linter code so shouldn't have any other effects beyond githook failures.

Dependency update for @financial-times/eslint-config-next to v3 #241

Allow for use of any main branch name

19 Jan 12:21
0615037
Compare
Choose a tag to compare

Upgrade yargs ^10.0.3 -> ^16.0.0 to fix Prototype Pollution

27 Nov 14:17
cb524c4
Compare
Choose a tag to compare
v8.1.1

Merge pull request #249 from Financial-Times/upgrade-yargs-to-fix-pro…

Install task uses 'npm ci' command in CI env w/package-lock.json

25 Nov 08:54
160372f
Compare
Choose a tag to compare

If in a CI environment and a package-lock.json exists, the npm ci command will be called to freshly install node_modules from package-lock.json.

npm ci is the install command intended for use in CI environments and is faster and safer than npm install (safer because installs will fail if package-lock.json is inconsistent with package.json).

We're Going Back Into Lockdown So Let's Lock Down Our Dependencies Too

02 Nov 15:06
445fb0a
Compare
Choose a tag to compare

hey so previously we'd prevent npm from creating package-lock.json files and delete them on sight for a few reasons:

  • they made it more difficult to keep versions of n-ui in sync between npm and bower and between apps
  • they made it more difficult to roll out security updates
  • they were unstable

none of these reasons are valid anymore!

  • n-ui is dead, and Page Kit doesn't require version parity everywhere or keeping bower in sync
  • Renovate handles package-lock.json files just fine thx
  • 2017 was a long time ago

so we can now let npm create those files. this is opt-in: if you have package-lock.json in your repo's .gitignore, which you probably do, n-gage will keep its old behaviour. if not, it'll do a default npm install allowing package-lock.json to be created. since this automatically prunes superfluous dependencies, we don't need to do that ourselves any more.

we'd strongly encourage you to enable package-lock.json: this will potentially drastically speed up your CI builds and allow better caching of dependencies.

v7.0.0: Upgrade to Node v12

19 Oct 09:56
67e89e1
Compare
Choose a tag to compare
Merge pull request #239 from Financial-Times/upgrade-to-node-v12

Upgrade to Node v12

Improves make .env UX

12 Oct 16:45
94c40a0
Compare
Choose a tag to compare
Pre-release

make .env logs you in if you are not logged in and if the VAULT_AUTH_GITHUB_TOKEN is set