webpack-defaults icon indicating copy to clipboard operation
webpack-defaults copied to clipboard

Published 20 hours ago verified publisher icon webpack-contrib

RFC: Dependency Updates

Open joshwiens opened this issue 7 years ago • 5 comments

The topic of using greenkeeper.io was raised by @boopathi in Slack.

At an organization level, the amount of spam in the feed would be less than optimal to say the least but it does highlight a valid need...

  • Making the maintenance of dependencies more consistent across the organization and less tedious for maintainers.

The two viable options ...

1.) As opposed to using that particular tool, what about using https://github.com/yeoman/update-notifier as a part of defaults?

2.) Use updtr as a part of the post-install(prepare in 8.x) hook or another viable execution method to notify about dependency updates. The Updtr feature set is a nice middle ground between completely manual & something like greenkeeper.io. The caveat being that we will probably have to PR in an update for npm@5 though I haven't tested that theory yet.

Accomplishes the same thing ( less the automatic pull requests ) with none of the spam that comes along with greenkeeper.io that would be detrimental at a higher level.

//cc @bebraw @sapegin

joshwiens avatar Mar 03 '17 23:03 joshwiens

👍 for update-notifier.

Greenkeeper is too noisy for me. That said, we need a good way to propagate changes like the one that was made to loader-utils across repositories. Tackling internal deprecations would be valuable itself.

I guess in ideal world, we would have codemods and automation to apply them on breaking changes (only review effort), but that's far off at the moment.

bebraw avatar Mar 04 '17 05:03 bebraw

How it should work with update-notifier? Not sure I understand how you want to use it.

sapegin avatar Mar 04 '17 07:03 sapegin

Not something you need to add immediately and the implementation details still need to be fleshed out. Issue opened based on a conversation about dependency maintenance and our general desire to not use greenkeeper.io to do it.

Usage: Run notifier as a part of ( end of realistically ) the cli execution of webpack-defaults

Not suggesting that we automatically upgrade pacakges, only that we notify that the maintainer has possible upgrades. Automatic dependency upgrade is always going to be tedious at the consumer level, a simple reminder on the defaults execution should be sufficient.

joshwiens avatar Mar 04 '17 07:03 joshwiens

https://github.com/peerigon/updtr

michael-ciniawsky avatar Mar 21 '17 01:03 michael-ciniawsky

@michael-ciniawsky better use renovate to automatize this process, let's open issue we should setup this in future

alexander-akait avatar Aug 17 '18 13:08 alexander-akait