-
Task
-
Resolution: Fixed
-
Critical
-
3.1.14, 3.3.8, 3.4.5, 3.5.2, 3.6
-
MOODLE_31_STABLE, MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
-
MOODLE_31_STABLE, MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
-
Since September 2018 (MDL-63346):
- This policy will be applied to ALL supported branches, normal and security-only.
- This policy won't update any tool per se, unless strictly needed by nodejs/npm own dependencies/changes. It won't include npm audit changes either. Those are handled apart.
- TODO (MDLSITE-5536): A job @ CI servers will be, daily, using latest lts/current version to detect if there are npm-shrinkwrap.json changes. It will fail when that happens and inform integrators. Jumps to lts/next will be detected manually,.
- When that happens, a new issue, similar to this, will be created and these steps performed in order to get a renewed npm-shrinkwrap.json file:
- remove node_modules & npm-shrinkwrap.json
- npm cache clear --force
- npm install
- npm shrinkwrap
- The resulting branches will be sent to github (or similar), making a peer-review request here so both travis and cibot will verify that all them pass ok.
- Changes will be normally integrated and the NodeJSVersion template will be updated with latest information in the Docs.
It seems that pointing to lts/carbon is, once again, leading to changes to the npm-shrinkwrap.json that later is detected as modified by various checks and leading to local modifications in everyone's local repos.
To discuss:
A- Or we stay sticky with old one (nodejs v8.11.1 and npm 5.6.0). And populate that everywhere (jobs, docs...).
B- Or we continue using the generic lts/carbon (now nodejs v8.12.0 and npm 5.6.1) and roll new npm-shrinkwrap.json versions.
C- And, independently of the 2 above, we also exclude npm-shrinkwrap.json differences from automated tests, so they aren't affected by this in the future (cibot, travis, postchecks...).
Note: This needs to be applied to all supported (any type) branches. Right now 31, 33, 34, 35 and master.
Ciao
- has a non-specific relationship to
-
MDL-61893 Time to bump Node.js "Carbon" version again
- Closed
- has been marked as being related by
-
MDL-66109 Bump nodejs from lts/carbon to stable (>=v14.0.0)
- Closed
- will be (partly) resolved by
-
MDLSITE-5536 New CI job to look for changes in lock files
- Open