Populate signatureDocumentation #87
Conversation
Security InsightsNo security relevant content was detected by automated scans. Action Items
Questions or Comments? Reach out on Slack: #support-infosec. |
lib/src/gen/scip.pb.dart
Outdated
There was a problem hiding this comment.
generated file change
lib/src/gen/scip.pbenum.dart
Outdated
There was a problem hiding this comment.
generated file change
lib/src/gen/scip.pbjson.dart
Outdated
There was a problem hiding this comment.
generated file change
lib/src/gen/scip.proto
Outdated
There was a problem hiding this comment.
Copy and paste update from scip's official protobuf file: https://github.com/sourcegraph/scip/blob/main/scip.proto
pubspec.lock
Outdated
| version: "5.13.0" | ||
| version: "5.6.0" |
There was a problem hiding this comment.
It looks like dependabot dart is doing some strange things
analyzer v5.13.0 requires dart 2.19.0, and dependabot happily bumped to that version: #75
But, as can be seen from the pubspec.yaml, the min dart version is still set to ">=2.18.0 <3.0.0", implying dependabot is ignoring this specification
This means that when dependabot directly changes just the pubspec.lock file, its bumping the lockfile, but anytime you re-run pub get from the codebase, pub will correctly adjust the version used
.github/dependabot.yml
Outdated
| @@ -1,6 +1,7 @@ | |||
| version: 2 | |||
| updates: | |||
| - package-ecosystem: "pub" | |||
| - package-ecosystem: pub | |||
| versioning-strategy: increase | |||
There was a problem hiding this comment.
A bit of an unrelated change, but dependabot's default setting is widen for pub
This basically means: "probably dont change the pubspec.yaml file"
We dont want this, always change the pubspec.yaml file to enforce that latest versions of pubspec files
closes #85