I vote +1:
- Verified Archive
- Verified Tags
- Local Linux NPM test passes
- NPM audit 2 moderate vulnerabilities from `request`
(https://github.com/advisories/GHSA-p8p7-x288-28g6).
See DISCUSS thread for rationale on this issue.
On 2023-05-19 2:07 p.m., Bryan Ellis wrote:
Please review and vote on this cordova-cli release v12.0.0
by replying to this email (and keep discussion on the DISCUSS thread)
The archive has been published to dist/dev:
https://dist.apache.org/repos/dist/dev/cordova/cli-12.0.0
The package was published from its corresponding git tag:
cordova-cli: 12.0.0 (df419a1811)
Upon a successful vote I will upload the archive to dist/, publish it to npm,
and post the blog post.
Voting guidelines:
https://github.com/apache/cordova-coho/blob/master/docs/release-voting.md
Voting will go on for a minimum of 48 hours.
=====
I vote +1:
* Ran coho audit-license-headers over the relevant repos
* Ran coho check-license to ensure all dependencies and sub-dependencies have
Apache-compatible licenses
* Ensured the continuous build was green when repo was tagged
* Ran `npm test`
* Ran various platform add tests (git, dir, tarball, shortname & npm package
name)
* Ran various `cordova` test w/ sample app:
* `cordova`
* `cordova -v`
* `cordova create`
* `cordova info`
* `cordova help`
* `cordova config ls`
* `cordova requirements`
* `cordova telemetry`
* `cordova platform`
* `cordova platform add`
* `cordova platform rm`
* `cordova plugin`
* `cordova plugin add`
* `cordova plugin rm`
* `cordova build`
* `cordova prepare`
* `cordova compile`
* `cordova run`
* `cordova serve`
* Ran `npm audit`
2 moderate severity vulnerabilities
* Comes from our insight dependency which is currently not being updated.
* A future release may replace and refactor the telemetry functionality to
remove the insight package.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org
For additional commands, e-mail: dev-h...@cordova.apache.org
