jfrog/setup-jfrog-cli@v2 breaking change in move from node12 to node16
justfalter opened this issue · 7 comments
Describe the bug
Attempting to use jfrog/setup-jfrog-cli@v2 with Github Enterprise Server 3.3.x results in an error Parameter ''using: node16' is not supported, use 'docker' or 'node12' instead.'
Support for node16 wasn't added until GitHub Enterprise 3.4 was released, which happened just a week or two ago. Many environments are still on GHE 3.3.x, only has support for node12 actions.
Thus, the change from node12 to node16 here is a breaking change. If you could please roll back the change for v2, that would be greatly appreciated.
Changing the version of nodejs used by the action is a breaking change for GitHub Enterprise Users. GHE 3.4 with node16
Note: this is the very reason why we saw actions/checkout](https://github.com/actions/checkout) move from rev from v2` to v3!
To Reproduce
Try to use jfrog/setup-jfrog-cli@v2 on GitHub Enterprise Server 3.3.x.
Expected behavior
I expect that I should be able to continue to use jfrog/setup-jfrog-cli@v2 with GitHub Enterprise Server 3.3.x, which supports node12 (not node16)
Screenshots
Versions
-
Setup JFrog CLI version:
jfrog/setup-jfrog-cli@v2 -
Workflow operating system: linux
-
JFrog CLI version: latest
-
Artifactory Version: n/a
Additional context
Add any other context about the problem here.
@yahavi If you can please take a look, I'd appreciate it a great deal.
Thanks for reporting this issue @justfalter!
Till we roll back to node 12, will you be able to use jfrog/setup-jfrog-cli@v2.1.0 instead of jfrog/setup-jfrog-cli@v2?
@justfalter,
Node 12 is under end-of-life since April 30th, 2022. It will not receive any security updates from now and therefore it is a security risk to keep using it. Please accept my apologies for not adding node16 to the release notes, I added it now.
You can keep using 2.1.0 with the latest JFrog CLI:
- uses: jfrog/setup-jfrog-cli@v2.1.0
with:
version: latest
Or with a specific version:
- uses: jfrog/setup-jfrog-cli@v2.1.0
with:
version: 2.14.0
Please let us know what do you think.
What’s the versioning policy for this repository?
I am aware that node12 is EOL, but that’s not a good reason to include a breaking change in a minor revision. If it is to adhere to semantic versioning, then the breaking change necessitates a major rev. That’s why pretty much all of the “actions*” repositories rev’d their major version numbers within the last month.
@justfalter,
@yahavi and I discussed this, and both of us think that you're right. Minor versions shouldn't include breaking changes. It looks like we under estimated the impact of the node version upgrade.
We'll do as you suggested - release another minor for v2 with a rollback of the node upgrade, and release v3 with node 16. We'll share an update here once done.
Thanks again for sharing your feedback and for using this Action. We truly appreciate it.
No worries! The feature timeline for GitHub Enterprise is delayed when compared to GitHub.com, and really only GHE customers are aware of the difference.
GitHub could do a better job of informing the Actions authors about these things. I’ve run into a couple other actions that did the same node12 to node16 without the major rev, so it’s an honest mistake.
Thanks!
@justfalter
Setup JFrog CLI 2.2.1 is released. This version includes the node16->node12 change.
We'd appreciate your feedback on that.