Thanks a lot for the response Jesse and Raphinesse. Will try out the suggested steps and check out the merge as well. Will get back with further updates if I m stuck.
On Thursday, October 25, 2018, <raphine...@gmail.com> wrote: > I already updated cordova-js to use more modern tooling some time ago in > https://github.com/apache/cordova-js/pull/176. I just had not gotten > around to merging it yet. I did so just now. > > Jesse <purplecabb...@gmail.com> schrieb am Do., 25. Okt. 2018, 10:19: > > > Hi Gandhi, > > > > There is an issue with this repo in that cordova-js uses a jasmine-node > > version that depends on a non-secure version of growl. This is not a > > trivial fix as moving to the recommended jasmine-node@2.0.1 is a > breaking > > change. > > I am not completely of the mind that updating is the right approach here, > > as I think in many ways the cordova-js project is outdated, and the whole > > process of generating platform specific cordova.js files needs to be > > rethought. > > > > Personally, this does not block me ... I do the following: > > ⚡ npm i > > audited 684 packages in 2.085s > > found 1 critical severity vulnerability > > run `npm audit fix` to fix them, or `npm audit` for details > > > > ⚡ npx grunt > > ... succeeds > > > > ⚡ npx grunt compile:windows > > Running "compile:windows" (compile) task > > generated cordova.windows.js @ 243e7aac8cee0108927df0253118e36857ab9fc7 > in > > 5ms > > Done. > > > > The typical way a platform is released is to use cordova-coho. > > ex. `coho prepare-platform-release-branch -r cordova-android --version > > 9.9.9` > > This takes care of all the tagging, building/copying of cordova.js to the > > correct platform folder. > > > > About the mobile-spec workflow, I have not done this is a long time, this > > was more important when we were breaking things a lot. One expectation > of > > the tooling that may not be explicitly listed is that all repos are > > expected to be cloned as peers. cordova-coho has commands that can help > > manage the multitude of repos for you. > > > > Not sure if this helps you move forward, I am happy to dig into this more > > with you. > > > > Cheers, > > Jesse > > > > @purplecabbage > > risingj.com > > > > > > On Tue, Oct 23, 2018 at 10:22 PM gandhi rajan <gandhiraja...@gmail.com> > > wrote: > > > > > Hi All, > > > > > > I was trying to understand the release process for Cordova platforms as > > > mentioned in the following link - > > > > > > > > https://github.com/apache/cordova-coho/blob/master/docs/ > platforms-release-process.md > > > . > > > > > > While following the steps mentioned to test plugins with > > > cordova-mobile-spec project, I got an error stating cordova-js module > is > > > not installed. When I tried to install cordova-js, the installation > fails > > > stating one critical severity vulnerability.On running npm audit on > > > cordova-js, it states that the critical vulnerability is related to > growl > > > version. > > > > > > Can someone let me know whether I m missing some steps which is causing > > > this issue or it's a vulnerability that needs to be fixed as I m not > able > > > to proceed with cordova-js module installation? > > > > > > Any help is really appreciated. Thanks in advance. > > > > > > > > > -- > > > Regards, > > > Gandhi > > > > > > "The best way to find urself is to lose urself in the service of others > > > !!!" > > > > > > -- Regards, Gandhi "The best way to find urself is to lose urself in the service of others !!!"
