[
https://issues.apache.org/jira/browse/HDDS-9171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17806489#comment-17806489
]
Abhishek Pal commented on HDDS-9171:
------------------------------------
Hello [~adoroszlai], yes I had this going on in my mind actually, we can reduce
the number of PRs raised by dependabot for JS dependencies, maybe one at a time
would be better.
I haven't been able to give much time to the project, but I was actually
planning to add tests as a part ofÂ
[HDDS-3182|https://issues.apache.org/jira/browse/HDDS-3182], which we can
enable as a part of gate checks, so we can atleast be assured no behaviour is
affected by these updates.
The thing is that the repo is actually quite old in terms of versions, and we
might need to migrate down the line to React V18, and update the other
dependencies as well - but for now I feel like if we are to merge the upgrades
without verification it will surely break things, as the way things are
implemented in v18 (hooks) vs v16 is different.
Do let me know if you feel having one PR at a time will be the better option to
go for now.
Thanks
> Resolve dependabot build issues when updating npm packages
> ----------------------------------------------------------
>
> Key: HDDS-9171
> URL: https://issues.apache.org/jira/browse/HDDS-9171
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Ethan Rose
> Assignee: Abhishek Pal
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.4.0
>
>
> Dependabot has been enabled for the Ozone repository, but its builds are
> failing since it is only updating the lock file. This jira is to update
> .github/dependabot.yml so that the PRs are filed correctly. Example:
> https://github.com/apache/ozone/pull/5143
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
