Skip to content

chore: simplify modernization follow-up #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
heznpc merged 1 commit into from
May 20, 2026
Merged

chore: simplify modernization follow-up #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ updates:
schedule:
interval: "monthly"
groups:
# Roll non-major action updates into a single PR each month.
actions-minor:
update-types: ["minor", "patch"]
open-pull-requests-limit: 5
Expand Down
11 changes: 7 additions & 4 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,19 @@ permissions:
jobs:
test:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
# engines is ">=22 <25". Node 22 is Maintenance LTS (EOL 2027-04-30);
# Node 24 is Active LTS. Self-hosters on either should get CI signal.
node-version: ['22', '24']

steps:
- uses: actions/checkout@v6

- uses: actions/setup-node@v6
with:
# Node 20 EOL'd 2026-04-30. 22 is the current Maintenance LTS
# (EOL 2027-04-30); 24 is Active LTS. We pin to the LTS line we
# test against.
node-version: '22'
node-version: ${{ matrix.node-version }}

# tests/ uses the node:test runner with zero deps — no install needed.
- name: Syntax check
Expand Down
9 changes: 4 additions & 5 deletions SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,12 @@ Please do **not** open a public issue for security reports.

| Stage | Target |
|---|---|
| Acknowledgement | 7 days |
| Initial assessment | 14 days |
| Fix or mitigation plan | 30 days |
| Acknowledgement | within 7 days |
| Coordinated disclosure | up to 90 days from report |

If a fix lands before 90 days, disclosure happens at fix time. If a fix
needs more than 90 days (e.g., upstream dependency), we coordinate a longer
Single-maintainer project — only the two endpoints above are committed.
If a fix lands earlier, disclosure happens at fix time. If a fix needs
more than 90 days (e.g., upstream dependency), we coordinate a longer
window with the reporter.

## Supported versions
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
},
"scripts": {
"test": "node --test tests/*.test.js",
"check": "node --check api/[endpoint].js && find src -name '*.js' -exec node --check {} +"
"check": "find api src scripts -name '*.js' -exec node --check {} +"
},
"license": "MIT"
}