-
-
Notifications
You must be signed in to change notification settings - Fork 670
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[new product] pnpm #5062
base: master
Are you sure you want to change the base?
[new product] pnpm #5062
Conversation
chenrui333
commented
Apr 28, 2024
- https://github.com/pnpm/pnpm/security/policy
- pnpm@8 8.15.7 (new formula) Homebrew/homebrew-core#170007
Signed-off-by: Rui Chen <rui@chenrui.dev> [pnpm] add security policy support link Signed-off-by: Rui Chen <rui@chenrui.dev>
Dates for older releases seem easily available, lets them as well: |
nice finding. adding them |
Signed-off-by: Rui Chen <rui@chenrui.dev>
--- | ||
|
||
> [Pnpm](https://pnpm.io/) is a fast, disk space efficient package manager for JavaScript. | ||
> It is a drop-in replacement for npm, but faster and more efficient. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you add a little paragraph explaining the support policy ? From what I could see with the comment of @captn3m0 they support the last two releases ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
upstream did not explicitly see that, but I guess we can assume it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My comment was a question, not an affirmation. It's also OK to just write that dates are only documented on https://github.com/pnpm/pnpm/security/policy (but in this case it is redundant with the sentence added with the releasePolicyLink
, so I suggest to remove the releasePolicyLink
in favor of a more explicit sentence).
Co-authored-by: Marc Wrobel <marc.wrobel@gmail.com>
Co-authored-by: Marc Wrobel <marc.wrobel@gmail.com>
Co-authored-by: Marc Wrobel <marc.wrobel@gmail.com>
Co-authored-by: Marc Wrobel <marc.wrobel@gmail.com>
Co-authored-by: Marc Wrobel <marc.wrobel@gmail.com>