Some feature idea: One of the main problems I have when upgrading is reading the release notes, or more specifically finding them and then having the time to read them. So if you could establish a common release note format that is stored on github as well and automatically display that in aggregated form for all the dependencies of a project that would be awesome. E.g. if you go from 1.0.0 to 1.1.0 of a dependency, you would only show the release notes / change log for those parts. You might actually be able to extract this directly from github.
And while we are at it, please add support for private bitbucket repositories. I use them for some orgs as they are free. On Wed, Feb 13, 2013 at 12:33 PM, Luke Arduini <[email protected]>wrote: > Also, ++ if you call the node version nodempotence :) > > > On Wednesday, February 13, 2013, Luke Arduini wrote: > >> So it's not done programmatically? Red (dangerous) versions are >> determined manually? >> >> Anyway, this sounds like if actively maintained, a better approach than >> the similar david-dm service, which I believe only bases its output on >> version numbers indiscriminately. Perhaps you can keep your list of 'must >> not use' modules public. >> >> On Wednesday, February 13, 2013, Philippe Lafoucrière wrote: >> >> Hi Luke, >> >> Most of the time, it's a security issue (there are a LOT of updates >> lately on rails...), but it can also be an implementation of a deprecated >> API (github API V2 for instance). >> Red ("update needed") means a dependency declared in package.json must >> not be used. >> I will read this mailing list daily to check if some issues are raised on >> some packages, and we're also following other sources. So far, we don't >> have any version marked as red for npm packages, please ping me >> (@gemnasiumapp) if you think one package should be tagged. >> >> Thanks! >> >> >> -- >> Philippe Lafoucrière - CEO >> http://www.tech-angels.com >> main : +33 (0) 970 444 643 >> mobile : +33 (0) 6 72 63 75 40 >> fax : +33 (0) 9 72 12 78 75 >> >> >> >> On Wed, Feb 13, 2013 at 9:16 PM, Luke Arduini <[email protected]>wrote: >> >> What qualifies as update needed? >> >> >> On Wednesday, February 13, 2013, Philippe Lafoucrière wrote: >> >> Hi guys, >> >> We're pleased to announce the immediate availability of Gemnasium NPM: >> https://gemnasium.com >> Gemnasium is an online tool to monitor your project dependencies, it >> was originally designed to work with ruby gems, but now features node >> packages as well. >> Gemnasium will search for a package.json at the root of projects, and >> determine if an update is needed. 3 colors are used: green (all right!), >> yellow (just outdated), red (update needed). >> It's still 100% free for opensource projects, of course. >> >> The new version also features what we call the "watchmen", ie: a bunch of >> us manually looking at changelogs to check for security issues. >> If you think a version should be tagged as fixing something very >> important (like a security hole), please feel free to contact us >> (@gemnasiumapp / [email protected]). >> >> A travis-like badge is also available for your projects, like: >> [](https://gemnasium.com/visionmedia/express) >> for express project (more formats available on the page >> https://gemnasium.com/visionmedia/express). >> Of course, your feedback is welcome, and we really hope you will find >> this product useful. >> >> Ho, one more thing... To celebrate this release, we'd like to give new >> subscribers a special coupon : VALENTINESDEP >> This coupon will bring some <3<3<3, and also 50% for 3 months (1 month is >> 100% free!). >> >> Enjoy! >> Philippe >> >> >> -- >> -- >> Job Board: http://jobs.nodejs.org/ >> Posting guidelines: >> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >> You received this message because you are subscribed to the Google >> Groups "nodejs" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nodejs?hl=en?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "nodejs" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> >> -- >> -- >> Job Board: http://jobs.nodejs.org/ >> Posting guidelines: >> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >> >> -- > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "nodejs" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
