Bump @elastic/elasticsearch from 7.13.0 to 8.10.0 #1044
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) from 7.13.0 to 8.10.0. - [Release notes](https://github.com/elastic/elasticsearch-js/releases) - [Changelog](https://github.com/elastic/elasticsearch-js/blob/main/docs/changelog.asciidoc) - [Commits](elastic/elasticsearch-js@v7.13.0...v8.10.0) --- updated-dependencies: - dependency-name: "@elastic/elasticsearch" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
|
The changeling from version 7 to version 8 does have some stated breaking changes.
There are more to list but after looking at the code I found that we never import and use it. It's a dependency inside of In conclusion I think it's safe to bump but I could have a lack of understanding on why it's here. @godber |
|
I don't think we can bump this one, though I don't have a good understanding of the details. My vague understanding here is that this connector enables teraslice to connect to a number of different versions/flavors of elasticsearch. At some point the clients started breaking compatibility with one another so our connector probes the search connector to see which version/flavor of elasticsearch something is, then creates a client object with the "best" client dependency. I think roughly the mappings are:
You might dig around and see if you can find the code that does this selection when you have a chance. Some day, not today, it could be worth discussing this with @jsnoble. For now, lets ask dependabot to "ignore this major version". I am not sure if a minor version change is acceptable or not, THAT is worth asking Jared if it comes up. |
|
@dependabot ignore this major version |
|
OK, I won't notify you about version 8.x.x again, unless you re-open this PR. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/elastic/elasticsearch-8.10.0
branch
Bumps @elastic/elasticsearch from 7.13.0 to 8.10.0.
Release notes
Sourced from
@elastic/elasticsearch's releases.... (truncated)
Changelog
Sourced from
@elastic/elasticsearch's changelog.... (truncated)
Commits
696742c8.10 codegen updates (#2019)3f672c9[8.10] [DOCS] Fixwelcome-to-elasticlink (#2007) (#2008)2046337[Backport 8.10] Upgrade transport: skip adding new nodes that aren't ready ye...6472046[Backport 8.10] Pin untrusted Github Action to a commit hash (#1986) (#1992)8d5e75dFix branch name checker for automatic codegen script (#1980)ad86306Updated project metadata to use group name (#1979)c4c3be1Bump 8.9.1 on main (#1972)a9bed7eAuto-generated code for main (#1946)787b3b0Remove unnecessary code (#1971)9aaf758Upgrade transport (#1968)Maintainer changes
This version was pushed to npm by joshmock, a new releaser for
@elastic/elasticsearchsince your current version.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)