Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#39 contributing guidelines #48

Merged
merged 10 commits into from
Dec 26, 2021
Merged

#39 contributing guidelines #48

merged 10 commits into from
Dec 26, 2021

Conversation

mpetuska
Copy link
Owner

@mpetuska mpetuska commented Dec 24, 2021
edited
Loading

Closes #39

  • Code of Conduct
  • Contributing Guidelines
    • Styleguide
    • Issue guide
    • PR guide
    • Development env setup
    • Using Sandbox
  • Tips and Tricks documentation for wrapping MDC modules

@mpetuska mpetuska marked this pull request as ready for review December 25, 2021 15:23
@mpetuska
Copy link
Owner Author

@OliverO2 I'd appreciate your feedback on the docs once you're back from holidays.

@mpetuska mpetuska merged commit 8663bed into master Dec 26, 2021
@mpetuska mpetuska deleted the feature/39-contributing-guidelines branch December 26, 2021 15:19
@mpetuska
Copy link
Owner Author

@OliverO2 I've merged this PR to unblock some further work, but I'd very much be interested to hear your thoughts for a potential separate PR with improvements.

@OliverO2
Copy link
Contributor

@mpetuska I've just completed reviewing the new documentation. Excellent work! I've placed a PR with slight corrections as #56.

Need some more time to check the new Gradle setup and familiarize myself with docs/CONTRIBUTING.md.

@OliverO2
Copy link
Contributor

Still investigating the new Gradle setup with Kotlin 1.6.10 plugin changes:

It seems that my sandbox/kotlin-js-store/yarn.lock changed automatically during a Gradle build. This implies that new/updated packages were downloaded from NPM, installed and run, re-opening the door for immediate execution of hijacked code via Node. Could we return to a setup that

  • requires explicit manual invocation to update kotlin-js-store/yarn.lock and
  • validates yarn.lock before proceeding to execute anything?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make contributing easy
2 participants
@mpetuska @OliverO2