jiridanek commented on a change in pull request #1517:
URL: https://github.com/apache/qpid-dispatch/pull/1517#discussion_r807959553
##########
File path: console/react/package.json
##########
@@ -1,25 +1,25 @@
{
"name": "dispatch-console",
- "version": "1.17.0",
+ "version": "1.19.0",
"private": true,
"dependencies": {
- "@patternfly/patternfly": "^4.125.3",
- "@patternfly/react-charts": "^6.15.14",
- "@patternfly/react-core": "^4.147.0",
- "@patternfly/react-icons": "^4.11.8",
- "@patternfly/react-styles": "^4.11.8",
- "@patternfly/react-table": "^4.29.37",
- "@patternfly/react-topology": "^4.9.42",
+ "@patternfly/patternfly": "^4.171.1",
+ "@patternfly/react-charts": "^6.45.15",
+ "@patternfly/react-core": "^4.192.15",
+ "@patternfly/react-icons": "^4.43.15",
+ "@patternfly/react-styles": "^4.42.15",
+ "@patternfly/react-table": "^4.61.15",
+ "@patternfly/react-topology": "^4.39.15",
"d3": "^3.5.17",
"d3-queue": "^3.0.7",
- "express": "^4.17.1",
+ "express": "^4.17.2",
"font-awesome": "^4.7.0",
- "prop-types": "^15.7.2",
+ "prop-types": "^15.8.1",
"react": "^17.0.2",
"react-dom": "^17.0.2",
"react-fontawesome": "^1.7.1",
- "react-router-dom": "^5.2.0",
- "rhea": "^2.0.4",
+ "react-router-dom": "^6.2.1",
Review comment:
I think so, but there is not a thoughtfully developed policy on this in
the dispatch-router project.
Normally, for the native code components (the qdrouterd itself), the
versions of dependencies are dictated by the minimum version present in Linux
distributions that needs to be supported; that is, centos/rhel/fedora and
ubuntu. This is how C projects usually work. There are some packaging systems
for C, similar to npm, but the traditional Linux practice is to rely on your
distro.
In Javascript, all dependencies come from npm, so there the only limitation
coming from distros is version of nodejs.
I believe that the most sensible policy is to keep up with the latest
upstream version and to upgrade often. Here are my reasons for that
- security: minimizes the amount of `npm audit` warnings
- ease of update: when required (due to npm audit warnings), it helps if we
are on still actively supported recent version
- small diffs on upgrade: when the upgrade is done soon, the amount of
changes will be smaller than when having to upgrade over multiple major versions
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
