0.8.0
Changelog for the collection of template repositories for new projects.
Improvements
Reduce Dependabot PR noise for NPM package ecosystem — #65 ⇄ #66 (⊶ 32925a1)
↠ To reduce the noise of too many PRs from NPM dependencies, where most of them are only scoped for (local) development, two optimizations have been made:
- The schedule changed to the
monthlyinterval. This is still enough to keep up with the fast updates in the NPM ecosystem. - Only watch production packages (
dependencies) and ignore development packages (devDependencies). The packages used for local or CI/CD development purposes are not required to be the latest version just for the sake of being up-to-date without a specific need or benefit.
Since GitHub takes security really serious, important Dependabot security updates are triggered manually by a security advisor so there is no risk of missing important versions bumps when reducing the schedule interval.
Use the
allowoption to customize which dependencies are updated. This has no impact on security updates for vulnerable dependencies.
Tasks
Prepared project/repository publication — #59 ⇄ #60 (⊶ 5023833)
↠ Before switching the GitHub repository visibility to “public“ a few adjustments had to be made.
Basically #22 was reverted, taking the changes from #23 into account, so that SVG images like the repository hero are using the URLs for public repositories again instead of the ones that allow to resolve the files in private repositories.
Node.js package dependency version updates — #63
↠ Bumped outdated Node.js package dependencies to their latest versions:
- #63 (⊶ 3528754)
prettierfrom 2.1.2 to 2.2.1 — The the official Prettier 2.2 introduction blog post for more details.
The full changelog is available in the repository
Copyright © 2020-present Sven Greb
