Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reoccurring: Update renovate dependencies [On-call] [Ops-lead] [Weekly tasks] #1090

Open
2 tasks
jimleroyer opened this issue Feb 8, 2023 · 6 comments
Open
2 tasks
Labels
Dev Task for implementation of a technical solution Routine Routine task

Comments

@jimleroyer
Copy link
Member

jimleroyer commented Feb 8, 2023

Description

As an ops lead,
I want Notify patched with its dependencies,
So that it is secure and running the latest.

As a GCNotify user,
I want Notify secure,
So that I can trust it.

Timebox and role

This task is meant for the weekly ops lead, to maintain our dependencies. We prefer to spend small time to do it iteratively rather than wait for months to do it, taking weeks in the process.

This is ideally done on the ops lead time, requiring the role to let aside regular tasks for support as this one task.

Acceptance Criteria** (Definition of done)

  • Update component in the task list with the latest date that the dependency bump was applied.
  • Write as a comment to this card which tasks on which component were done.

Tasks

  • notification-utils
    • major deps / March 15
    • minor deps / March 15
    • patches / April 17
    • chore branches / May 15
    • lockfile / April 17
  • notification-admin
    • major deps / January 16
    • minor deps / Aug 23
    • chore branches / May 16
    • lockfile / April 13
    • docker images / May 16
    • Many depricated javascript module!
npm WARN deprecated [email protected]: deprecated
npm WARN deprecated [email protected]: deprecated
npm WARN deprecated [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated [email protected]: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated [email protected]: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
npm WARN deprecated [email protected]: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated

QA Steps

  • Local environment run fine locally (when appropriate)
  • Review environment run fine
  • Staging environment run fine
  • Run smoke tests on staging
@yaelberger-commits yaelberger-commits added Dev Task for implementation of a technical solution Tech Debt An issue targeting an identified technical debt labels Feb 13, 2023
@andrewleith andrewleith self-assigned this Feb 16, 2023
@smcmurtry
Copy link
Collaborator

Andrew is on vacation today, may pick up again tomorrow.

@andrewleith
Copy link
Member

I started on this last week and got the minor bumps in api done, but now that poetry is merged in it may change things. Will touch base today with @whabanks to understand the impact.

@jzbahrai jzbahrai changed the title Reoccurring: Update renovate dependencies Reoccurring: Update renovate dependencies [0n-call] [Ops-lead] [Weekly tasks] Mar 15, 2023
@jimleroyer jimleroyer changed the title Reoccurring: Update renovate dependencies [0n-call] [Ops-lead] [Weekly tasks] Reoccurring: Update renovate dependencies [On-call] [Ops-lead] [Weekly tasks] Mar 15, 2023
@yaelberger-commits
Copy link
Collaborator

Jumana worked on this and handing off to Will

@yaelberger-commits
Copy link
Collaborator

Friday Will booked Node version, will push today when Github is back up.

@andrewleith
Copy link
Member

  • Not much progress on this one this week

@andrewleith andrewleith assigned sastels and unassigned andrewleith Apr 12, 2023
@YedidaZalik
Copy link

Steve A is Ops lead so he is working on this. Since no one in our team is on Ops lead can move to Sprint backlog.

@andrewleith andrewleith assigned jzbahrai and unassigned andrewleith May 24, 2023
@jzbahrai jzbahrai removed their assignment Jun 27, 2023
@yaelberger-commits yaelberger-commits added Routine Routine task and removed Tech Debt An issue targeting an identified technical debt labels Jul 25, 2023
@andrewleith andrewleith self-assigned this Aug 14, 2023
@andrewleith andrewleith removed their assignment Sep 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Dev Task for implementation of a technical solution Routine Routine task
Projects
None yet
Development

No branches or pull requests

7 participants