feat: log Probot version at startup

[shaftoe]

I'm new to TypeScript so please forgive in advance any silly mistake here.

I believe it's valuable to know which version of Probot a Probot-application instance is based on, AFAIK the only way at the moment is to inspect node_modules/probot/package.json but I believe at least logging it at startup is a good thing.

Probably is also a good idea to expose that via GET /version, together with the actual application version, something like this maybe?

{
  "appVersion": "0.1.2",
  "probotVersion": "3.4.5"
}

[gr2m]

Thanks for looking into this!

Logging the version at startup is a good idea. I don't think we need to add a new GET /version endpoint though. Exposing the probot version publicly might be a security risk, if there is ever a known security vulnerability. We do display the app version on GET /probot, e.g. see https://probot-dco.herokuapp.com/probot

[shaftoe]

Logging the version at startup is a good idea. I don't think we need to add a new GET /version endpoint though. Exposing the probot version publicly might be a security risk, if there is ever a known security vulnerability. We do display the app version on GET /probot, e.g. see https://probot-dco.herokuapp.com/probot

Ok, understood. Out of curiosity, isn't exposing the app version at GET /probot' (actually also GET /` if I get it right) adding a security risk as well?

Other related question: what's the recommended way to test Probot beta/next? npx create-probot-app + npm install probot@next ?

[gr2m]

isn't exposing the app version [...] adding a security risk as well?

The app version is independent of the probot version the app is using, so I don't think so.

what's the recommended way to test Probot next

npx create-probot-app is already set up to use probot v10

[gr2m]

Looks good, thank you!

[github-actions]

🎉 This PR is included in version 10.1.0 🎉

The release is available on:

• GitHub release
• npm package (@next dist-tag)

Your semantic-release bot 📦🚀