Skip to content

Commit

Permalink
Update the issue template for a routine dependency upgrade. (#1651)
Browse files Browse the repository at this point in the history
  • Loading branch information
kalbfled authored Feb 15, 2024
1 parent 4703aad commit 00a1798
Showing 1 changed file with 15 additions and 11 deletions.
26 changes: 15 additions & 11 deletions .github/ISSUE_TEMPLATE/notify-dependency-update-template.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,37 +4,41 @@ about: Regular dependency updates
title: Regular Update for Dependencies
labels: Notify, QA, Tech Debt
assignees: ''

---

## User Story - Business Need

We wish to keep dependencies up to date so we do not need such massive overhauls of our system. This will be a recurring ticket that will be done every sprint. We will update all dependencies we are able to. Any conflicts will get a ticket. This is intended to be a day of work at most because this is intended to update with only non-breaking changes.
We wish to keep dependencies up to date so we do not need such massive overhauls of our system. This is a recurring task to update all dependencies we are able to update. Any conflicts shall get a dedicated ticket. This task should be a day of work at most because it only updates non-breaking changes.

- [ ] Ticket is understood and QA has been contacted

### User Story
**As** VA Notify

**As** VA Notify,
**I want** to keep our service up to date
**So that** we are secure and as free of bugs as possible
**So that** we are secure and as free of bugs as possible.

### Additional Info and Resources

- Relevant section of [README.md](https://github.com/department-of-veterans-affairs/notification-api#update-requirementstxt)

## Engineering Checklist

- [ ] Open "Tech Debt" issues reviewed to identify packages already known to have breaking changes (don't try to upgrade these)
- [ ] Review [open Dependabot PRs](https://github.com/department-of-veterans-affairs/notification-api/pulls/app%2Fdependabot) to determine where the changes will take place. You may need to rebase older PRs. The PRs explain how to do this.
- [ ] Update performed
- [ ] Dependabot issues updated
- [ ] Any conflicts removed and tickets created
- [ ] Dependabot PRs updated. (They should automatically close if a given dependency was upgrade at least to the version given by the PR.)
- [ ] Any conflicts removed and tickets created with the "tech debt" label
- [ ] Passes all tests locally
- [ ] Passes userflows and QA Suite testing against Dev
- [ ] Any major changes are investigated (compare existing to new version changes)
- [ ] Any questionable version changes are removed and a ticket is created
- [ ] Tickets created are added to the Epic for tracking purposes
- [ ] Passes QA Suite regression testing against Dev
- [ ] Any major version changes are investigated (compare existing to new version change logs)
- [ ] Any questionable version changes are removed and a ticket with the "tech debt" label is created

## Acceptance Criteria
Repo dependencies are updated and we have no broken functionality. Issues opened by Dependabot are resolved. Tickets created for any updates we could, or should, not do.

Repo dependencies are updated and we have no broken functionality. Issues opened by Dependabot are resolved. Tickets with the "tech debt" label created for any updates we could, or should, not do.

## QA Considerations

- [ ] Check to see if these updates cancel out any Twistlock issues
- [ ] QA Regression tests pass after deploying this code.

0 comments on commit 00a1798

Please sign in to comment.