bcgov / digital_marketplace

The intent of this development is to build a product that will support digital procurement needs for the BC Government including services such as, but not limited to, Sprint With Us, Code With Us, The Procurement Concierge.
Apache License 2.0
13 stars 17 forks source link

Upgrade packages (other than node) #239

Open mikevespi opened 2 years ago

mikevespi commented 2 years ago

Once Node has been upgraded to LTS, handle the other package upgrades necessary.

The first iteration of this was in Sprint 1 here: https://github.com/button-inc/digital_marketplace/issues/129.

Tasks

These packages require a major bump (there are no patch or minor updates in between the version we have and the next major): @keycloak/keycloak-admin-client 15.1.0 15.1.0 16.1.0 dependencies https://www.keycloak.org/ autoprefixer 9.8.8 9.8.8 10.4.2 devDependencies https://github.com/postcss/autoprefixer#readme chalk 2.4.2 2.4.2 5.0.0 dependencies https://github.com/chalk/chalk#readme cssnano 4.1.11 4.1.11 5.0.15 devDependencies https://github.com/cssnano/cssnano dotenv 6.2.0 6.2.0 11.0.0 dependencies https://github.com/motdotla/dotenv#readme find-up 5.0.0 5.0.0 6.2.0 dependencies https://github.com/sindresorhus/find-up#readme grunt-browserify 5.3.0 5.3.0 6.0.0 devDependencies https://github.com/jmreidy/grunt-browserify grunt-contrib-compress 1.6.0 1.6.0 2.0.0 devDependencies https://github.com/gruntjs/grunt-contrib-compress#readme grunt-terser 0.1.1 0.1.1 2.0.0 devDependencies https://github.com/adascal/grunt-terser html-to-text 5.1.1 5.1.1 8.1.0 dependencies https://github.com/html-to-text/node-html-to-text jest-diff 25.5.0 25.5.0 27.4.6 dependencies https://github.com/facebook/jest#readme keycloak-connect 8.0.2 8.0.2 16.1.0 dependencies http://keycloak.org load-grunt-tasks 4.0.0 4.0.0 5.1.0 devDependencies https://github.com/sindresorhus/load-grunt-tasks#readme openid-client 3.15.10 3.15.10 5.1.1 dependencies https://github.com/panva/node-openid-client react 16.14.0 16.14.0 17.0.2 dependencies https://reactjs.org/ react-dom 16.14.0 16.14.0 17.0.2 dependencies https://reactjs.org/ react-markdown 4.3.1 4.3.1 7.1.2 devDependencies https://github.com/remarkjs/react-markdown#readme react-select 3.2.0 3.2.0 5.2.1 devDependencies https://github.com/JedWatson/react-select/tree/master/packages/react-select reactstrap 8.10.1 8.10.1 9.0.1 devDependencies https://github.com/reactstrap/reactstrap#readme serve 11.3.2 11.3.2 13.0.2 devDependencies https://github.com/vercel/serve#readme swagger-jsdoc 4.3.2 4.3.2 6.1.0 dependencies https://github.com/Surnet/swagger-jsdoc ts-node 8.10.2 8.10.2 10.4.0 dependencies https://typestrong.org/ts-node typescript 3.8.2 3.9.10 4.5.4 dependencies https://www.typescriptlang.org/ uuid 3.4.0 3.4.0 8.3.2 dependencies https://github.com/uuidjs/uuid#readme yargs 16.2.0 16.2.0 17.3.1 dependencies https://yargs.js.org/ @wordpress/wordcount 2.15.2 2.15.2 3.2.3 dependencies https://github.com/WordPress/gutenberg/tree/HEAD/packages/wordcount/README.md

This one can go to a higher minor first: knex 0.19.5 0.19.5 0.95.15 dependencies https://knexjs.org (but TS needs to be updated first)

wenzowski commented 2 years ago

Recommend splitting out the upgrades to multiple commits in the same PR as there is a risk this will break things, so our future selves will appreciate structuring our history so we can make short work of identifying any future regression via git bisect.

kriscooke commented 2 years ago

@wenzowski how granular were you suggesting to go with dependency updates as part of this commit-by-commit update strategy?

ie: Just major versions? Major and minor but not patch? etc.

wenzowski commented 2 years ago

If we're adopting Conventional Commits then I'd follow SemVer and bump node, then bump all patch level together, then bump all minor together, then bump each major individually as these are the ones most likely to cause issues for our codebase.

BCerki commented 2 years ago

These packages require a major bump (there are no patch or minor updates in between the version we have and the next major): @keycloak/keycloak-admin-client 15.1.0 15.1.0 16.1.0 dependencies https://www.keycloak.org/
autoprefixer 9.8.8 9.8.8 10.4.2 devDependencies https://github.com/postcss/autoprefixer#readme
chalk 2.4.2 2.4.2 5.0.0 dependencies https://github.com/chalk/chalk#readme
cssnano 4.1.11 4.1.11 5.0.15 devDependencies https://github.com/cssnano/cssnano
dotenv 6.2.0 6.2.0 11.0.0 dependencies https://github.com/motdotla/dotenv#readme
find-up 5.0.0 5.0.0 6.2.0 dependencies https://github.com/sindresorhus/find-up#readme
grunt-browserify 5.3.0 5.3.0 6.0.0 devDependencies https://github.com/jmreidy/grunt-browserify
grunt-contrib-compress 1.6.0 1.6.0 2.0.0 devDependencies https://github.com/gruntjs/grunt-contrib-compress#readme
grunt-terser 0.1.1 0.1.1 2.0.0 devDependencies https://github.com/adascal/grunt-terser
html-to-text 5.1.1 5.1.1 8.1.0 dependencies https://github.com/html-to-text/node-html-to-text
jest-diff 25.5.0 25.5.0 27.4.6 dependencies https://github.com/facebook/jest#readme
keycloak-connect 8.0.2 8.0.2 16.1.0 dependencies http://keycloak.org
load-grunt-tasks 4.0.0 4.0.0 5.1.0 devDependencies https://github.com/sindresorhus/load-grunt-tasks#readme
openid-client 3.15.10 3.15.10 5.1.1 dependencies https://github.com/panva/node-openid-client
react 16.14.0 16.14.0 17.0.2 dependencies https://reactjs.org/
react-dom 16.14.0 16.14.0 17.0.2 dependencies https://reactjs.org/
react-markdown 4.3.1 4.3.1 7.1.2 devDependencies https://github.com/remarkjs/react-markdown#readme
react-select 3.2.0 3.2.0 5.2.1 devDependencies https://github.com/JedWatson/react-select/tree/master/packages/react-select
reactstrap 8.10.1 8.10.1 9.0.1 devDependencies https://github.com/reactstrap/reactstrap#readme
serve 11.3.2 11.3.2 13.0.2 devDependencies https://github.com/vercel/serve#readme
swagger-jsdoc 4.3.2 4.3.2 6.1.0 dependencies https://github.com/Surnet/swagger-jsdoc
ts-node 8.10.2 8.10.2 10.4.0 dependencies https://typestrong.org/ts-node
typescript 3.8.2 3.9.10 4.5.4 dependencies https://www.typescriptlang.org/
uuid 3.4.0 3.4.0 8.3.2 dependencies https://github.com/uuidjs/uuid#readme
yargs 16.2.0 16.2.0 17.3.1 dependencies https://yargs.js.org/ @wordpress/wordcount 2.15.2 2.15.2 3.2.3 dependencies https://github.com/WordPress/gutenberg/tree/HEAD/packages/wordcount/README.md

This one can go to a higher minor first: knex 0.19.5 0.19.5 0.95.15 dependencies https://knexjs.org (but TS needs to be updated first)