Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump pnpm lockfile #15501

Merged
merged 9 commits into from
May 7, 2024
Merged

chore: bump pnpm lockfile #15501

merged 9 commits into from
May 7, 2024

Conversation

HenryQW
Copy link
Collaborator

@HenryQW HenryQW commented May 7, 2024

Involved Issue / 该 PR 相关 Issue

Close #

Example for the Proposed Route(s) / 路由地址示例

NOROUTE

New RSS Route Checklist / 新 RSS 路由检查表

  • New Route / 新的路由
  • Anti-bot or rate limit / 反爬/频率限制
    • If yes, do your code reflect this sign? / 如果有, 是否有对应的措施?
  • Date and time / 日期和时间
    • Parsed / 可以解析
    • Correct time zone / 时区正确
  • New package added / 添加了新的包
  • Puppeteer

Note / 说明

lockfile v6 is deprecated by pnpm v9, and is now readonly.

pnpm/pnpm#7934

@github-actions github-actions bot added the dependencies This PR involves changes to dependencies label May 7, 2024
@HenryQW HenryQW requested a review from DIYgod May 7, 2024 12:49
@TonyRL
Copy link
Collaborator

TonyRL commented May 7, 2024
edited
Loading

Dependabot is still having minor issue with pnpm v9 dependabot/dependabot-core#9522 though.

@TonyRL
Copy link
Collaborator

TonyRL commented May 7, 2024

RSSHub/.github/workflows/build-assets.yml

Lines 25 to 27 in 936e703

uses: pnpm/action-setup@v3
with:
version: 8

GitHub actions also need to be bumped.

@HenryQW
Copy link
Collaborator Author

HenryQW commented May 7, 2024

RSSHub/.github/workflows/build-assets.yml

Lines 25 to 27 in 936e703

uses: pnpm/action-setup@v3
with:
version: 8

GitHub actions also need to be bumped.

Done. I think current CIs are way too complicated, we might want to simplify them.

@github-actions github-actions bot added the Auto: Route Test Skipped PR involves no routes label May 7, 2024
@HenryQW
Copy link
Collaborator Author

HenryQW commented May 7, 2024

Dependabot is still having minor issue with pnpm v9 dependabot/dependabot-core#9522 though.

dependabot is really slow in adopting these major changes, which is very annoying, but I think it is solved? dependabot/dependabot-core#9668

@TonyRL
Copy link
Collaborator

TonyRL commented May 7, 2024
edited
Loading

@DIYgod Can you enable Dependabot on Actions runners in https://github.com/DIYgod/RSSHub/settings/security_analysis too? No sure if changing environment helps pnpm/pnpm#6530

@DIYgod
Copy link
Owner

DIYgod commented May 7, 2024

@TonyRL Now it is opened

@TonyRL TonyRL merged commit 2ccd644 into DIYgod:master May 7, 2024
25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DIYgod DIYgod Awaiting requested review from DIYgod

Assignees
No one assigned
Labels
Auto: Route Test Skipped PR involves no routes dependencies This PR involves changes to dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HenryQW @TonyRL @DIYgod