Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: isaacs/node-tar
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v6.1.12
Choose a base ref
...
head repository: isaacs/node-tar
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v6.1.13
Choose a head ref
  • 5 commits
  • 5 files changed
  • 3 contributors

Commits on Nov 12, 2022

  1. chore: bump @npmcli/template-oss from 4.8.0 to 4.10.0 

    Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.8.0 to 4.10.0.
- [Release notes](https://github.com/npm/template-oss/releases)
- [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md)
- [Commits](npm/template-oss@v4.8.0...v4.10.0)

---
updated-dependencies:
- dependency-name: @npmcli/template-oss
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @lukekarrys
    dependabot[bot] authored and lukekarrys committed Nov 12, 2022
    Copy the full SHA
    72f6e39 View commit details

  2. chore: postinstall for dependabot template-oss PR

    @lukekarrys
    lukekarrys committed Nov 12, 2022
    Copy the full SHA
    329caed View commit details

  3. chore: bump events-to-array from 1.1.2 to 2.0.3 

    Bumps [events-to-array](https://github.com/isaacs/events-to-array) from 1.1.2 to 2.0.3.
- [Release notes](https://github.com/isaacs/events-to-array/releases)
- [Commits](isaacs/events-to-array@v1.1.2...v2.0.3)

---
updated-dependencies:
- dependency-name: events-to-array
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @lukekarrys
    dependabot[bot] authored and lukekarrys committed Nov 12, 2022
    Copy the full SHA
    5dcfcb3 View commit details

Commits on Dec 7, 2022

  1. deps: bump minipass from 3.3.6 to 4.0.0 

    Bumps [minipass](https://github.com/isaacs/minipass) from 3.3.6 to 4.0.0.
- [Release notes](https://github.com/isaacs/minipass/releases)
- [Commits](isaacs/minipass@v3.3.6...v4.0.0)

---
updated-dependencies:
- dependency-name: minipass
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @lukekarrys
    dependabot[bot] authored and lukekarrys committed Dec 7, 2022
    2
    Copy the full SHA
    cc4e0dd View commit details

  2. chore: release 6.1.13 (#344) 

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
    @github-actions
    github-actions[bot] authored Dec 7, 2022

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    a044a87 View commit details
Showing with 27 additions and 10 deletions.
  1. +3 −3 .github/workflows/release.yml
  2. +1 −1 .release-please-manifest.json
  3. +6 −0 CHANGELOG.md
  4. +12 −1 SECURITY.md
  5. +5 −5 package.json
6 changes: 3 additions & 3 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -77,9 +77,9 @@ jobs:
const comments = await github.paginate(github.rest.issues.listComments, issue)
let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id
body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Rerun for This Release\n\n`
body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n`
body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. `
body += `To force CI to rerun, run this command:\n\n`
body += `To force CI to update this PR, run this command:\n\n`
body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\``
if (commentId) {
@@ -174,7 +174,7 @@ jobs:
RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
npm exec --offline -- template-oss-release-manager
npm exec --offline -- template-oss-release-manager --lockfile=false
npm run rp-pull-request --ignore-scripts --if-present
- name: Commit
id: commit
2 changes: 1 addition & 1 deletion .release-please-manifest.json
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
{
".": "6.1.12"
".": "6.1.13"
}
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog

## [6.1.13](https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13) (2022-12-07)

### Dependencies

* [`cc4e0dd`](https://github.com/npm/node-tar/commit/cc4e0ddfe523a0bce383846a67442c637a65d486) [#343](https://github.com/npm/node-tar/pull/343) bump minipass from 3.3.6 to 4.0.0

## [6.1.12](https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12) (2022-10-31)

### Bug Fixes
13 changes: 12 additions & 1 deletion SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,14 @@
<!-- This file is automatically added by @npmcli/template-oss. Do not edit. -->

Please send vulnerability reports through [hackerone](https://hackerone.com/github).
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).

If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.

If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).

If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award.

**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**

Thanks for helping make GitHub safe for everyone.

10 changes: 5 additions & 5 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -2,7 +2,7 @@
"author": "GitHub Inc.",
"name": "tar",
"description": "tar for node",
"version": "6.1.12",
"version": "6.1.13",
"repository": {
"type": "git",
"url": "https://github.com/npm/node-tar.git"
@@ -20,17 +20,17 @@
"dependencies": {
"chownr": "^2.0.0",
"fs-minipass": "^2.0.0",
"minipass": "^3.0.0",
"minipass": "^4.0.0",
"minizlib": "^2.1.1",
"mkdirp": "^1.0.3",
"yallist": "^4.0.0"
},
"devDependencies": {
"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.8.0",
"@npmcli/template-oss": "4.10.0",
"chmodr": "^1.2.0",
"end-of-stream": "^1.4.3",
"events-to-array": "^1.1.2",
"events-to-array": "^2.0.3",
"mutate-fs": "^2.1.1",
"nock": "^13.2.9",
"rimraf": "^3.0.2",
@@ -55,7 +55,7 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.8.0",
"version": "4.10.0",
"content": "scripts/template-oss",
"engines": ">=10",
"distPaths": [