josh-byster
commented
5 years ago Do you think its safe to put latest here rather than specifying a version number? I'd imagine we wouldn't run into backwards compatibility issues as the version increases (in which case its fine as is), but just wanted to check with you.
@angadgarg25 that's a good point. I suppose the better move would be to pin the version and then potentially add to the Dependabot configuration to also be checking the Dockerfiles and submit PRs when node is bumped. That's what I do, for example, here. I switched to a pinned version for this PR (12.9) but is still a meaningful change since we can't run tests on alpine.
Resolves #344