v2.5.2

[kaue]

Status

READY

Description

This will be a major version bump since #68 introduces a breaking change.

• npm audit fix
• readme improvements
• bugfixes

Related PRs

Waiting for #68 #67 #70

Todos

• version bump
• build new dist/ files
• update changelog

npm audit for this branch

                       === npm audit security report ===                        
                                                                                
┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ braces                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=2.3.1                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ babel-cli [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ babel-cli > chokidar > anymatch > micromatch > braces        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/786                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 387 scanned packages
  1 vulnerability requires manual review. See the full report for details.

[AckerApple]

Y’all I’ll check what’s going on here within 5 days. I’ll set a reminder now. With next couple days off, I might get to this a lot sooner. I just now remember we had a true issue reported and maybe these recent changes fix that PLUS I’ll rebuild and touch up the web demo

[kaue]

@AckerApple nice! thanks :)
I added #53 to the 3.0.0 milestone
(I might also include #60 and #59 later)

About the true issue, that's probably about #65 #57 #22, all of those should be fixed by #68 (i added a new test to check for this problem)

Acker try to setup an IM so we can chat a bit :) maybe gitter? https://gitter.im/jsonexport/Lobby

[kaue]

@AckerApple I dont get it why you went ahead and merged this 40987ac into master? i had a different thing in mind, i was going to release a minor version with security patches, then those fixes into a major version bump since we introduced a braking change in the csv output.

The PR your merged is also related with #68 i would prob release both together

Also, looks like your merge stripped the commit original author and squashed my commits https://github.com/kauegimenes/jsonexport/commits/master

[AckerApple]

My thought and intention was to release just your fix by itself as a minor fix. And then allow everything to come after.

I do apologize

[AckerApple]

Hey soooo going forward any requests? I won’t touch anything going forward at this time without your input. Please do communicate your thoughts for moving forward. Again I do apologize.

[kaue]

@AckerApple i will prob cherry pick the npm vulnerabilities patches and release a minor version.

Lets keep working on a few issues and prepare the 3.0.0 release in the develop branch. I will prob be able to work again this weekend on this.

Are you planning to work on #53 this week? I think it would be a great addition to update the demo page for 3.0.0.

[AckerApple]

Acknowledged.

I figured you would do the security stuff as a patch.

Great call out on the web options I forgot about that and actually just updated and added features to the demo so this will be super easier. I’ll have it done in under 6 days max but maybe in two I predict

[AckerApple]

I have updated the web demo to support most all options. Basically just the simple easy ones to implement.

You will instantly see the results of options using this link here

[kaue]

@AckerApple nice! :D