Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update snyk netlify plugin for newer version #487

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: update snyk netlify plugin for newer version #487

wants to merge 1 commit into from

Conversation

lirantal
Copy link
Contributor

@lirantal lirantal commented Oct 28, 2021
edited
Loading

Thanks for contributing the Netlify plugins directory!

Are you adding a plugin or updating one?

  • Adding a plugin
  • Updating a plugin

Have you completed the following?

Test plan

Yes, this plugin has been bumped as it has received a few updates and this PR is to keep it up to date.

@lirantal
Copy link
Contributor Author

What is the proper way to use the updated version of a module in a Netlify build so I can indeed test in there?

@ehmicky
Copy link
Contributor

ehmicky commented Oct 29, 2021
edited
Loading

Hey @lirantal 👋

You can test a specific version of your plugin by installing it in package.json (as opposed to installing it via the UI). This works both for CLI builds and UI builds. Please let me know if I understood your question correctly.

This update is removing the severity plugin input. This would be a breaking change since builds fail when users specify unknown plugin inputs. There are two possible solutions:

  • Add the severity plugin input back to manifest.yml, but only for backward compatibility, i.e. the plugin's code would not use that input anymore. This could be completely removed from manifest.yml on the next major release.
  • Make a major release.

I would personally recommend the first option since it might be simpler, what do you think?

@ehmicky ehmicky self-requested a review October 29, 2021 13:13
@ehmicky ehmicky added the type: feature code contributing to the implementation of a feature and/or user facing functionality label Oct 29, 2021
@lirantal
Copy link
Contributor Author

Thanks @ehmicky
Where do you see that it makes a change to the severity plugin input? Mostly this update is due to fixing a typo in the plugin and requiring a newer snyk CLI version underlying this plugin that wraps it. Makes sense?

@ehmicky
Copy link
Contributor

ehmicky commented Nov 16, 2021
edited
Loading

The change is here coming from this commit.

One situation which could happen for some of your users is: if they use the severity input, their builds will now start failing with an error message indicating that severity is an unknown input.

Fortunately, it is possible to make a major release to ensure this breaking change does not break those users' sites. Alternatively, it is also possible to add the severity input back, if this change was accidental.

What do you think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehmicky ehmicky Awaiting requested review from ehmicky

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
type: feature code contributing to the implementation of a feature and/or user facing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lirantal @ehmicky