You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by scottyaslan <gi...@git.apache.org> on 2018/05/15 21:24:22 UTC
[GitHub] nifi-fds pull request #2: [NIFI-5198] update tooling versions
GitHub user scottyaslan opened a pull request:
https://github.com/apache/nifi-fds/pull/2
[NIFI-5198] update tooling versions
Thank you for submitting a contribution to Apache NiFi Fluid Design System.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [ ] Is there a JIRA ticket associated with this PR? Is it referenced
in the commit message?
- [ ] Does your PR title start with either NIFI-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
- [ ] Has your PR been rebased against the latest commit within the target branch (typically master)?
- [ ] Is your initial contribution a single, squashed commit?
### For code changes:
- [ ] Have you written or updated unit tests to verify your changes?
- [ ] Have you ensured that a full build and that the full suite of unit tests is executed via npm run clean:install at the root nifi-fds folder?
- [ ] Have you written or updated the Apache NiFi Fluid Design System demo application to demonstrate any new functionality, provide examples of usage, and to verify your changes via npm start at the nifi-fds/target folder?
- [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the LICENSE file, including the main LICENSE file under nifi-fds?
- [ ] If applicable, have you updated the NOTICE file, including the main NOTICE file found under nifi-fds?
### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in which it is rendered?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/scottyaslan/nifi-fds NIFI-5198
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi-fds/pull/2.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2
----
commit d8ef37397477f722b7a2adabc19cd6154eb9193c
Author: Scott Aslan <sc...@...>
Date: 2018-05-15T21:20:38Z
[NIFI-5198] update tooling versions
----
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by scottyaslan <gi...@git.apache.org>.
Github user scottyaslan commented on the issue:
https://github.com/apache/nifi-fds/pull/2
@joewitt I have clarified which items from the Angular Quickstart and add headers to each of the files including the package-lock.json file which is intended to be committed into source repositories, and serves various purposes including:
Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.
Provide a facility for users to "time-travel" to previous states of node_modules without having to commit the directory itself.
To facilitate greater visibility of tree changes through readable source control diffs.
And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by joewitt <gi...@git.apache.org>.
Github user joewitt commented on the issue:
https://github.com/apache/nifi-fds/pull/2
The karma-test-shim/karma-test javascript files... did we create these or are they templates from someplace else? We should cite that source from where it comes in our LICENSE file presuming it is from some stock template.
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by joewitt <gi...@git.apache.org>.
Github user joewitt commented on the issue:
https://github.com/apache/nifi-fds/pull/2
was able to successfully build but did notice some warnings about library versions/known vulnerabilities.
> bash ./scripts/clean-install
npm WARN deprecated nodemailer@2.7.2: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/
npm WARN deprecated mailcomposer@4.0.1: This project is unmaintained
npm WARN deprecated socks@1.1.9: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
npm WARN deprecated uws@9.14.0: stop using this version
npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
npm WARN deprecated buildmail@4.0.1: This project is unmaintained
npm WARN deprecated socks@1.1.10: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha1-ayEDoojpTvPeXPFdKd2F/Et41lw= integrity checksum failed when using sha1: wanted sha1-ayEDoojpTvPeXPFdKd2F/Et41lw= but got sha512-IBhBslgngMQN8DDSppmgDv7RNrlFotuuDsKcrCP3+HbFaVivIBU7u9oiiErw8sH4ynx3+gOGQ3q2otkgiSi6kg==. (19696 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha1-2VUfnemPH82h5oPRfukaBgLuLrk= integrity checksum failed when using sha1: wanted sha1-2VUfnemPH82h5oPRfukaBgLuLrk= but got sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==. (135183 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha1-Ejma3W5M91Jtlzy8i1zi4pCLOQk= integrity checksum failed when using sha1: wanted sha1-Ejma3W5M91Jtlzy8i1zi4pCLOQk= but got sha512-ruPMNRkN3MHP1cWJc9OWr+T/xDP0jhXYCLfJcBuX54hhfIBnaQmAUMfDcG4DM5UMWByBbJY69QSphm3jtDKIkA==. (3136 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN notice [SECURITY] timespan has 1 low vulnerability. Go here for more details: https://nodesecurity.io/advisories?search=timespan&version=2.3.0 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha1-7GDO44rGdQY//JelwYlwV47oNlU= integrity checksum failed when using sha1: wanted sha1-7GDO44rGdQY//JelwYlwV47oNlU= but got sha512-TZ6TTfI5NtZnuyy/Kecv+CnoROnyXn2DN97LontgQpCwsX2XyLYCC0ENhYkehSOwAp8rTQKc/NUIF7BkQ5rKLA==. (62614 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha1-ezUbjo7dTTmV1NBmaA5mTZRpaCQ= integrity checksum failed when using sha1: wanted sha1-ezUbjo7dTTmV1NBmaA5mTZRpaCQ= but got sha512-gmh/eWXROncUzRnIa1Ubrt5b8ep/MGSnfAUI3aRp+sqTCs1tv1Isl8d8F6JmkN3dXKc3ehZMrtiPN9eL03NuaQ==. (4003 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN notice [SECURITY] hoek has 1 moderate vulnerability. Go here for more details: https://nodesecurity.io/advisories?search=hoek&version=2.16.3 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by scottyaslan <gi...@git.apache.org>.
Github user scottyaslan commented on the issue:
https://github.com/apache/nifi-fds/pull/2
^ that was taken from the package-lock.json documentation on npm at: https://docs.npmjs.com/files/package-lock.json
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by joewitt <gi...@git.apache.org>.
Github user joewitt commented on the issue:
https://github.com/apache/nifi-fds/pull/2
@scottyaslan ok great thanks for that clarification. Unless we're bundling the entirety of the source you should probably indicate the specific javascript files from Angular Quickstart so it will help others know that as well
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by mcgilman <gi...@git.apache.org>.
Github user mcgilman commented on the issue:
https://github.com/apache/nifi-fds/pull/2
Thanks @scottyaslan! This has been merged to master.
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by scottyaslan <gi...@git.apache.org>.
Github user scottyaslan commented on the issue:
https://github.com/apache/nifi-fds/pull/2
The karma files are from the Angular Quickstart MIT licensed project and is already listed in the LICENSE file.
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by scottyaslan <gi...@git.apache.org>.
Github user scottyaslan commented on the issue:
https://github.com/apache/nifi-fds/pull/2
@joewitt I believe you need to run `npm cache verify` to get rid of those 'stale package data' warnings.
---
[GitHub] nifi-fds pull request #2: [NIFI-5198] update tooling versions
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/nifi-fds/pull/2
---
[GitHub] nifi-fds issue #2: [NIFI-5198] update tooling versions
Posted by joewitt <gi...@git.apache.org>.
Github user joewitt commented on the issue:
https://github.com/apache/nifi-fds/pull/2
@scottyaslan package-lock.json looks like an auto generated file. We should avoid committing this if that is the case. Also, it lacks a license header but that should be moot of this is auto generated.
---