[
https://issues.apache.org/jira/browse/SENTRY-973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15047388#comment-15047388
]
Lenni Kuff commented on SENTRY-973:
-----------------------------------
bq. Yep, that's fair enough if that's the policy of the project.
We have no specific policy for the project, but just want to be safe about
making changes (and adding possible risk) that is unnecessary.
bq. Also, not picking up minor dependency updates, means you are missing out
on potential security fixes.
Do you know of those minor version updates contain security fixes (or other
critical bug fixes)?
bq. How would you like to proceed with this issue? If you want I could attach a
second patch, which only contains dependency updates relating to testing, which
wouldn't have an effect on deployment.
How about taking a quick look over the dependencies that have changed and
updating them iff there are important issues fixed?
> Update dependencies
> -------------------
>
> Key: SENTRY-973
> URL: https://issues.apache.org/jira/browse/SENTRY-973
> Project: Sentry
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Priority: Trivial
> Fix For: 1.7.0
>
> Attachments: SENTRY-973.patch
>
>
> Some of the dependencies used in the project are quite old and could be
> updated.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
