upgrade minimed-connect-to-nightscout to fix GuardianConnect for US s…

…ervers (and update npm dependencies) (#4915) * upgrade minimed-connect-to-nightscout to 1.30to fix GuardianConnect for US servers, see mddub/minimed-connect-to-nightscout#13 * npm update to fix security issue fixes https://nodesecurity.io/advisories/1118 (Arbitrary Code Execution in eslint-utils * update to minimed-connect-to-nightscout 1.3.1 * fix typo and make more clear we don't release with insecure dependencies
nightscout · Aug 24, 2019 · 20823d3 · 20823d3
1 parent 3b5430d
commit 20823d3
Show file tree

Hide file tree

Showing 3 changed files with 1,435 additions and 3,420 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -57,7 +57,7 @@ Nightscout is a Node.js application. The basic installation of the software for
 
 We develop on the `dev` branch. All new pull requests should be targeted to `dev`. The `master` branch is only used for distributing the latest version of the tested sources.
 
-You can get the dev branch checked out using `git checkout dev`.
+You can get the `dev` branch checked out using `git checkout dev`.
 
 Once checked out, install the dependencies using `npm install`, then copy the included `my.env.template`file to `my.env` and edit the file to include your settings (like the Mongo URL). Leave the `NODE_ENV=development` line intact. Once set, run the site using `npm run dev`. This will start Nigthscout in the development mode, with different code packaging rules and automatic restarting of the server using nodemon, when you save changed files on disk. The client also hot-reloads new code in, but it's recommended to reload the the website after changes due to the way the plugin sandbox works.
 
@@ -119,8 +119,9 @@ We assume all new Pull Requests are at least smoke tested by the author and all
 Please include a description of what the features do and rationalize why the changes are needed.
 
 If you add any new NPM module dependencies, you have to rationalize why there are needed - we prefer pull requests that reduce dependencies, not add them.
+Before releasing a a new version, we check with `npm audit` if our dependencies don't have known security issues. 
 
-When adding new features that add confugration options, please ensure the `README` document is amended with information on the new configuration.
+When adding new features that add configuration options, please ensure the `README` document is amended with information on the new configuration.
 
 ## Bug fixing