Open schoettl opened 1 month ago
Hi @schoettl π
On my system, the node version is 20.15.1 whereas organice uses 12.13.1. There are many open dependabot PRs and
yarn audit
tells about 637 vulnerabilities.
I'm definitively in favor of upgrading nodeπ
Apart from
yarn test
, CI and basic manual integration test β what do we need to safely upgrade? I've never done this before.How would staging or production cope with such changes?
Since organice is a SPA, hosting is not affected. As long as the regular dev, testing and build tools work. These tasks should run:
rm -rf node_modules; yarn install
yarn test
yarn install
yarn eslint
yarn prettier-eslint --write
yarn run build
CI should run. We will have to update the Docker image which includes the node version.
Lastly, a manual integration test should be done. As long as the sample and logins still work, I think we should be in the clear.
Should we give it a try, starting with node itself?
Sure, let's do it! I endeavoured into a first start: https://github.com/200ok-ch/organice/pull/993
@schoettl I made a spike (https://github.com/200ok-ch/organice/pull/993) to get us started on this task. Are you interested in picking it up from here?
Nice! I'll pick it up.
On my system, the node version is 20.15.1 whereas organice uses 12.13.1. There are many open dependabot PRs and
yarn audit
tells about 637 vulnerabilities.How about trying an upgrade @munen?
Apart from
yarn test
, CI and basic manual integration test β what do we need to safely upgrade? I've never done this before.How would staging or production cope with such changes? Should we give it a try, starting with node itself?