Closed axel7083 closed 1 month ago
I'm against this until we have tests. We've had issues in the past updating minor versions of packages that have introduced subtle bugs. Just updating a package for the sake of keeping it up-to-date has no utility.
Yeah I appreciate the thought, but this is the kind of thing that I think would be better as not PRs but some sort of notification list of outdated dependencies that can be manually checked
but some sort of notification list of outdated dependencies that can be manually checked
This is called yarn outdated
Some packages in the
frontend/packages.json
are a bit outdated, keeping them up to date manually can be often tedious.Github has the
dependabot
allowing to automate this process.See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file