What do we need to do before removing composer.lock?
There is a risk that an update will introduce a bug or incompatibility.
Some packages will be more likely to introduce bugs than others. This will be based on the package's / author's
test coverage.
strictness of following semver.
how far off the 'happy path' is our use of the package?
are plugins dependant on each other.
there will be other factors to consider.
One example is how the plugins: amazon-s3-and-cloudfront & wp-document-revisions can have an effect on each other. There is a current bug where amazon-s3-and-cloudfront logs a warning because of wp-document-revisions.
This minor incompatibility highlights that a similar thing could also arise in the future.
How do we mitigate incompatibilities from causing an issue?
End to end test suite?
Devs are notified when a new version of a package is rolled out.
Regular QA with checkboxes for key functionality.
A good e2e test to start with would be uploading a document and ensuring that a revsion is created, and that the document is available for download.
What do we need to do before removing composer.lock?
There is a risk that an update will introduce a bug or incompatibility.
Some packages will be more likely to introduce bugs than others. This will be based on the package's / author's
One example is how the plugins: amazon-s3-and-cloudfront & wp-document-revisions can have an effect on each other. There is a current bug where amazon-s3-and-cloudfront logs a warning because of wp-document-revisions.
This minor incompatibility highlights that a similar thing could also arise in the future.
How do we mitigate incompatibilities from causing an issue?
A good e2e test to start with would be uploading a document and ensuring that a revsion is created, and that the document is available for download.