Upgrades for NodeJS from 8.11.3 to 8.17.0 and for NPM from 5.6.0 to 6.13.4 have
merged to mozilla-central.
Everyone is encouraged to run `mach bootstrap` to upgrade the toolchain on
their machine.
The main security fix that we’re concerned with is in npm, so I’ve also set
6.13.4 as the minimum
Now that we have NodeJS in the tree, we want to unlock the rich set of tooling
in the NodeJS/npm ecosystem so that we can start depending on things available
there in a coherent, managed, more secure way.
We've drafted policy docs to govern use and management of those
packages, and we'd love you
For better and for worse, I believe that's no longer true: devtools is
now using it to transpile JSX files to JS files as part of the normal
build.
Dan
Am Do., 8. Nov. 2018 um 13:55 Uhr schrieb Mike Hommey :
>
> On Wed, Nov 07, 2018 at 05:32:40AM -0800, Martin Husemann wrote:
> > I understand the
u saw this question, email me directly, or ask in
#go-node in slack.
* For bigger issues (eg “I don’t think this should land yet”, “there’s
a big problem that’s likely to affect one or more groups of people”),
feel free to reach out to one of: Dan Mosedale (me)
<https://mozillians.org/en-US/u/dmose/
ist where you saw this question, email me directly, or ask in #go-node in
slack.
-
For bigger issues (eg “I don’t think this should land yet”, “there’s a
big problem that’s likely to affect one or more groups of people”), feel
free to reach out to one of: Dan Mosedale (me) <
free to respond to the mailing
list where you saw this question, email me directly, or ask in #go-node in
slack.
-
For bigger issues (eg “I don’t think this should land yet”, “there’s a
big problem that’s likely to affect one or more groups of people”), feel
free to reach out to o
6 matches
Mail list logo
