#49154: build: use @electron-ci/dev-root for package.json default
Merged
Important
Please note that code reviews and merges will be delayed during our quiet period in December and might not happen until January.
Description of Change
This PR changes the name field in package.json from electron to @electron-ci/dev-root and adds logic to our npm publish script to continue to publish as electron. The reason for this change is that some security scans on systems building Electron improperly flag that there is a vulnerable version of Electron because 0.0.0-development < any published version of Electron that might have vulnerabilities (eg even https://nvd.nist.gov/vuln/detail/CVE-2016-1202 gets reported against electron 0.0.0-development).
Checklist
- PR description included and stakeholders cc'd
- PR release notes describe the change in a way relevant to app developers, and are capitalized, punctuated, and past tense.
Release Notes
Notes: none
Backports
37-x-y
PendingWaiting for a manual backport
38-x-y
PendingWaiting for a manual backport
39-x-y
PendingWaiting for a manual backport
40-x-y
PendingWaiting for a manual backport
Semver Impact
Major
Breaking changes
Minor
New features
Patch
Bug fixes
None
Docs, tests, etc.
Semantic Versioning helps users understand the impact of updates:
- Major (X.y.z): Breaking changes that may require code modifications
- Minor (x.Y.z): New features that maintain backward compatibility
- Patch (x.y.Z): Bug fixes that don't change the API
- None: Changes that don't affect using facing parts of Electron