v0.2.6 is tagged `stable`, changelog stops at v0.2.7, but v0.3, v1.0 and v1.1 are 🤔

Question

v0.2.6 is tagged `stable`, changelog stops at v0.2.7, but v0.3, v1.0 and v1.1 are 🤔

vassudanagunta opened this issue 4 years ago · 5 comments

On npm, 0.2.6 is tagged as the stable release. 9 years ago.
CHANGELOG stops at 0.2.7. 9 years ago.
10 more releases since, including v0.3, v1.0 and v1.1, the latter tagged as latest on npm.

Some clarification might help potential new users like me. Should we stick with the 9yo release because y'all are still unsure about the last 9 years of work? 😉

Answer 1 · 2021-05-03T18:29:20.000Z

You're probably the first since years to pay attention to that :))

Just use the latest release, usually that's just what matters, sometimes packages use next tag for the experimental releases, but latest is always the mainstream from my experience

Answer 2 · 2021-05-25T15:33:25.000Z

Eh, ⛔ prompt@1.1.0 has 1 vulnerbility reported by snyk.

Is that a thing to be concerned about?

Answer 3 · 2021-05-25T17:06:57.000Z

@trasherdk see #213 , currently I don't have too much time, I'd be grateful if one of you can make a PR, I think it's simple enough

Answer 4 · 2021-11-23T07:33:57.000Z

Vulnerablities are fixed on 1.2.0 https://snyk.io/test/npm/prompt/1.2.0
I removed the stable tag in npm, there's only the latest one now
CHANGELOG is indeed old and not up to date, but I don't think it's an issue here because CHANGELOGs are useful to list breaking changes, prompt didn't have any. I think new users should focus on the README

Does this make sense @vassudanagunta ?

Answer 5 · 2021-11-24T19:38:48.000Z

My point was that it was confusing to new users, and it is no longer so. Thanks!