Linters can have subtle changes over time that can make CI fail in ways unrelated to the work done in a given PR. This causes additional unplanned work to conform code as part of unrelated tasks.
Keeping up to date with the latest linter versions is hugely beneficial, however. We benefit from bugfixes in the linters themselves and new checks for vulnerabilities and support for more/newer language features.
So we should have a process for regularly reviewing our linter versions, bumping immediately if trivial and planning future work to conform to the new versions if non-trivial.
What
Following on from https://github.com/OpenAssetIO/OpenAssetIO-TraitGen/pull/12#discussion_r1133597508. Pin versions of linters used in CI checks. Document a process for regularly updating linter versions.
Why
Linters can have subtle changes over time that can make CI fail in ways unrelated to the work done in a given PR. This causes additional unplanned work to conform code as part of unrelated tasks.
Keeping up to date with the latest linter versions is hugely beneficial, however. We benefit from bugfixes in the linters themselves and new checks for vulnerabilities and support for more/newer language features.
So we should have a process for regularly reviewing our linter versions, bumping immediately if trivial and planning future work to conform to the new versions if non-trivial.