Closed k-macmillan closed 1 year ago
Hey team! Please add your planning poker estimate with Zenhub @cris-oddball @EvanParish @ianperera @jakehova @k-macmillan @kalbfled @trevor2718
I just completed this ticket, and updated the documentation here.
I may not have understood the Specific Version Tag Test and Security Vulnerable check tests. My first impression was to check if poetry was capable of something specific in each case, which I did. But you seem to want me to reproduce these errors using poetry, is that right?
I can do that, but these seem outside the scope of tools and are more general to dependency management in itself. @k-macmillan
updated the relevant documentation; though it may not be exactly what the tests desired, we have sufficient knowledge to know poetry is an excellent choice as a dependency manager, with the axiom being optimizing developer autonomy.
Goal
The goal of this task is to test Poetry as a dependency manager and identify how it addresses the tests below. Gather notes about ease of setup and how well the package is documented, in addition to testing the items listed below.
Update the doc with your findings.
Tech Stack-Specific
The following are related to our specific tech stack.
Flask Import Error Test
Celery Dependencies
Security Vulnerability Check
How does each handle security vulnerabilities?
Updating Pinned Versions
What, if anything does it do with pinned versions? If a pin is removed how does it handle it?
Specific Version Commit Test
Specific commit test. How does it handle it?
Specific Version Tag Test
Timebox
3 days