You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Similar to dependabot with security updates, we could create a github action that upgrades python and javascript dependencies for the django cookiecutter. This would obsolete the manual, tedious process where we upgrade those dependencies whenever we notice they're old (which isn't the best method).
Here's one downside to this approach: what if the bot upgrades the dependencies and the changes break something in the cookiecutter? For example, IIRC, in the past a React upgrade broke how we render the react components and we had to upgrade React + change something in the cookiecutter. To address this problem, we can review the changes with a review app deployed to heroku (fully automated by gh actions!), and add some automated tests to ensure all parts of the cookiecutter app still works.
Are there any other downsides to this?
The text was updated successfully, but these errors were encountered:
The concern about dependencies breaking each other makes sense. And I do like the idea of tests to make sure things still run well with the upgrades, but what would that look like?
Similar to dependabot with security updates, we could create a github action that upgrades python and javascript dependencies for the django cookiecutter. This would obsolete the manual, tedious process where we upgrade those dependencies whenever we notice they're old (which isn't the best method).
Here's one downside to this approach: what if the bot upgrades the dependencies and the changes break something in the cookiecutter? For example, IIRC, in the past a React upgrade broke how we render the react components and we had to upgrade React + change something in the cookiecutter. To address this problem, we can review the changes with a review app deployed to heroku (fully automated by gh actions!), and add some automated tests to ensure all parts of the cookiecutter app still works.
Are there any other downsides to this?
The text was updated successfully, but these errors were encountered: