git-utils 5.7.0 was published to the npm package registry without the necessary submodule files included

[DeeDeeG]

Prerequisites

• Put an X between the brackets on this line if you have done all of the following:
  • Reproduced the problem in Safe Mode: https://flight-manual.atom.io/hacking-atom/sections/debugging/#using-safe-mode
  • Followed all applicable steps in the debugging guide: https://flight-manual.atom.io/hacking-atom/sections/debugging/
  • Checked the FAQs on the message board for common solutions: https://discuss.atom.io/c/faq
  • Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aatom
  • Checked that there is not already an Atom package that provides the described functionality: https://atom.io/packages

Description

git-utils@v5.7.0 was published to the npm package registry without the submodule files included.

Details

This occurs when running npm publish, after cloning this repository non-recursively (should be git clone --recurse-submodules (or git clone --recurse as a shorthand syntax)... or after cloning non-recursively, one should run git submodule update --init.

This brings in the submodule at deps/libgit2. Without these files included in the published tarball, the package lacks the library it is based around, and the package does not build or function -- the package is effectively broken if uploaded without the submodule included.

Steps to Reproduce

1. mkdir inspect_gitutils_tarball && cd inspect_gitutils_tarball
2. npm pack git-utils@5.7.0 (This downloads git-utils@v5.7.0 from the npm package registry)
3. tar xf git-utils-5.7.0.tgz (Unpack the tarball, wait for it to finish unpacking)
4. ls ./package (inspect the contents of the tarball, looking for the deps/libgit2 submodule files to be present)

Expected behavior:

% ls ./package-5.6.2
LICENSE.md	appveyor.yml	deps		src
README.md	binding.gyp	package.json

Submodule should be included in the tarball; there should be files in deps/libgit2

Actual behavior:

% ls ./package-5.7.0
LICENSE.md	appveyor.yml	package.json
README.md	binding.gyp	src

Submodule is not included; there is no deps folder in the tarball.

Reproduces how often:

100% with v5.7.0

Versions

git-utils@v5.7.0

Additional Information

Please consider uploading a v5.7.1 with the submodule initialized. Also, consider #104 to make sure the submodule is automatically initialized before publishing this package. #104 or a similar approach would effectively prevent this issue from happening in the process of uploading future releases.

[sadick254]

Fixed and published 5.7.1