Skip to content

feat: update nodejs #644

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
elaine-mattos wants to merge 22 commits into
base: master
Choose a base branch
from
Draft

feat: update nodejs #644

elaine-mattos wants to merge 22 commits into from

Conversation

@elaine-mattos
Copy link

@elaine-mattos elaine-mattos commented Jul 17, 2025
edited
Loading

Overview

This PR introduces several significant updates and improvements to the project, including:

Node.js version upgrades (Dockerfiles, CI, engines)
Dependency updates (major and minor, including security and compatibility)

Changes

Node.js Version Upgrades

  • DevDockerfile and Dockerfile: Upgraded from node:18-bullseye to node:24-bullseye
  • test.yml: Node.js version set to 24

Dependency Updates

  • Major dependency upgrades in Azure SDKs, Babel, ESLint, Express, Chai, Winston, and more;
  • Security and compatibility improvements;
  • Removal of deprecated/unsupported versions.
  • ScanCode: updated from 32.1.0 to 32.3.3
  • Reuse: updated from 3.0.1 to 5.0.2
  • cdConfig.js: Introduced baseFileLocation for consistent file path handling; cd_file now has separate location and attachmentLocation properties
  • file.js: Attachments are now stored in a dedicated attachment directory if attachmentLocation is set; File naming for attachments improved (attachment:KEY → attachmentLocation/KEY.json)
  • Removed deprecated winston-azure-application-insights integration.
  • Upgraded winston and refined local logging.

Miscellaneous

  • Added env.json to .gitignore to prevent local config leakage.

@elaine-mattos
refactor(logging): remove winston-azure-application-insights, update …
f78096c 
…winston, and improve local logging
@elaine-mattos
chore: add env.json to gitignore
d9a1c4d 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
feat: upgrade to node 20
efaf0b2 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
feat: improve reuse version detection
c2a815a
@elaine-mattos
fix(scancode): improve ScanCode version detection and error logging
3b062e2 
- Refactor _detectVersion to robustly parse version using regex and handle missing versions
- Catch and log version detection errors
- Log detected SCANCODE and aggregated handler versions on initialization

Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
fix: update scancode vr on test fixtures
707e478 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
refactor(processors): improve logging and file path handling
498d025 
- Enhance error and version logging in fsfeReuse and licensee processors
- Improve error reporting for LICENSES directory access and REUSE execution
- Add attachment path support in file store for  keys
- Minor formatting cleanup

Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
build(docker): update Scancode to 32.3.3 and REUSE to 5.0.2
f9e67b2 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
refactor(config): split file store location into definition and attac…
e1d1f60 
…hment paths

Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
fix: adjust release date assertion to handle UTC timestamps
f8c3321 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
fix: update to node 24
28ee3fa 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos
fix: add Dockerfile and package.json
7e02f85 
Signed-off-by: ElaineDeMattosSilvaB <elaine.de-mattos-silva-bezerra@deutschebahn.com>
@elaine-mattos elaine-mattos marked this pull request as ready for review July 23, 2025 15:34
@elaine-mattos elaine-mattos marked this pull request as draft August 15, 2025 12:35
mxmehl
mxmehl reviewed Nov 10, 2025
View reviewed changes
Dockerfile

# REUSE
RUN pip3 install setuptools
RUN pip3 install reuse==3.0.1
Copy link

@mxmehl mxmehl Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whenever you update the PR, consider bumping this version as well. REUSE 6.x has quite interesting performance gains and also fixes potential license/copyright detection issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mxmehl mxmehl mxmehl left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@elaine-mattos @mxmehl