Open anonym-HPI opened 1 year ago
One could install something like npm-check-updates globally and run e.g. ncu -u -deep
from the root.
Was seeing this, not sure if it could break things, as it seems to upgrade to latest major version, not minor version (see https://chektek.com/code/update-all-node-packages-to-latest/ the Warning part).
Was seeing this, not sure if it could break things, as it seems to upgrade to latest major version, not minor version (see https://chektek.com/code/update-all-node-packages-to-latest/ the Warning part).
You should always look at the changelogs of a package and what exactly was updated before upgrading it. Therefore you would catch any unwanted major versions. Also, not every package follows semver (e.g. typescript). ncu
also offers an --interactive
flag.
I agree with @Dassderdie on this. I don't think we should provide a way of updating packages when there already exist solutions like ncu
.
As long as someone regurarly updates packages, we shouldn't need it.
Using npm run setup
should be used to update local packages, when someone else updates the packages in the repo or what would be the way? Maybe we could document this or is this even needed for development (probably at some point, when packages are too out of date)?
As long as someone regurarly updates packages, we shouldn't need it. Using
npm run setup
should be used to update local packages, when someone else updates the packages in the repo or what would be the way? Maybe we could document this or is this even needed for development (probably at some point, when packages are too out of date)?
npm run setup
makes sure that the locally installed packages are in sync with the package.json
and sometimes updates the package-lock.json
if there are newer versions present (search for npm install
to get more detailed information).
I don't think general stuff about updating packages should be documented in this repository, as this is nothing specific to us, but instead applies to all current web development/the npm ecosystem.
A script to update packages to (at least) there newest minor version, could be useful. Keeping packages up to date, is probably something we should do regularly or is there something in place already?
I know that we have a watcher for CVEs in dependencies, but this wouldn't for example alert when a bug gets fixed in a minor version or so.
I would propose of something like: npm run update:packages:all (for updating them in root, frontend, shared and backend). Name came from this https://jh3y.medium.com/how-to-update-all-npm-packages-in-your-project-at-once-17a8981860ea
The script should also change the package-lock.json files, to commit them.
@Dassderdie @ClFeSc what do you think?