Comments (10)
My remarks:
- I don't know if anyone else has write/merge permissions for this repo.
- Most of the open PRs are either bots updating dependencies or minor typos. There costs of not merging those PRs aren't particularly high.
- I personally wouldn't be opposed to being a maintainer of a living fork of this project if there was a need for changes to go ahead.
from caporal.js.
I'm using Caporal in my own project (github.com/donmccurdy/glTF-Transform/) and have gotten complaints from downstream users about the npm audit
warnings from old dependencies. I have a pretty dim view of npm audit
in general, but it would still be nice to keep these dependencies up to date, even if new feature development isn't planned.
After replacing GitHub's dependabot with Renovate (https://github.com/renovatebot/renovate) (free for open source) I've found that quite helpful. It can batch dependency updates into a single PR on a fixed schedule (weekly, monthly, ...) and merge the PR automatically if tests pass. I'd be willing to help set up something like that here if maintainers are interested.
from caporal.js.
Watching with interest, as we use this in a few projects and the warnings are becoming annoying. Would love to move over to a fork if somebody is going to pick it up
from caporal.js.
Caporal.js is now the best solution I've seen. Would love to use a maintained fork.
from caporal.js.
We gave up and migrated everything to Commander with minimal pain today, and realized that it shaved about 3MB from our compressed .deb distributions as a bonus. I guess there are a LOT of deps in Caporal for things we didn't even use.
from caporal.js.
I've gone ahead with forking the project, updating dependencies, and publishing a new build on npm as @donmccurdy/caporal
. Feel free to use my fork if you'd like:
https://github.com/donmccurdy/Caporal.js
Unless the situation changes on the upstream project, I'll plan to strip down the build system to something I'm more comfortable maintaining, add Renovate for automatic dependency updates, and leave things alone beyond that. I don't have any personal plans to add features or change the API — Caporal has worked really well for me, and migrating to other CLI generators didn't make sense in my project. If others are interested in getting involved within or beyond that scope, feel free to comment over there.
from caporal.js.
Hey - mostly dead as you can see :(
The good news is I can work on it again more easily since I just lost my job, but the best advice I could give for now is to use the fork of @donmccurdy: https://github.com/donmccurdy/Caporal.js
My plans are:
- clean the repo of vulnerabilities
- work on a v3, but be aware that it will be full of breaking changes since I've a totally different interface in mind.
from caporal.js.
@gilles-crealp @cah4a @donmccurdy
I've spent the night re-looking at it. Not really sure it needs a V3 now.
I've a PR here that fixes a lot but I'd be happy if some folks could test on some real use cases:
from caporal.js.
@gilles-crealp @cah4a @donmccurdy
You should be able to test it using npm install @caporal/core@next
i've been able to successfully test it on my side
from caporal.js.
3.0 has been released (major update because it requires Node 16+)
Closing this issue
from caporal.js.
Related Issues (20)
- It is not possible to get the default logger object in Caporal 2 HOT 1
- Auto-sort commands HOT 1
- Option with default value and `global: true` doesn't work
- Support for multiple actions
- [Documentation] import err HOT 1
- Lodash security vulnerabilites in < 4.17.21 HOT 3
- Several vulnerabilities are introduced in the package HOT 1
- STRING is casting empty string to 'true'
- Documentation for Inquirer integration? HOT 1
- transitive lodash dep HOT 1
- program.exec throwing odd error and can't figure out right way to pass options
- (v1.4.0) Ineffecient Regular Expression complexity in chalk/ansi-regex
- Create a new stable version HOT 6
- Negative option (--no-option) didn't work
- Error in multiple validators return a gibberish error
- Dependabot cannot update lodash to a non-vulnerable version HOT 1
- Reporting a vulnerability HOT 1
- The automated release is failing 🚨
- Breaking changes in v2.0.3 HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from caporal.js.