Update old indirect dependencies

Open mtrmac opened this issue 11 months ago • 0 comments

Bots generally update direct dependencies, and dependencies with known vulnerabilities.

For indirect dependencies which are over a year old, and either have a newer tagged release or haven’t been using a tagged release anyway, update to the latest version.

(This does nothing about dependencies with no upstream activity, or officially deprecated or even archived.)

Mar 13 '25 22:03 mtrmac