Composer package upgrades #767
Labels
actually quite difficult
This task has technical intricacies which mean it needs analysis by someone familiar with the system
Comments
stwalkerster
added
the
actually quite difficult
|
font-awesome should be easy enough, the fonts haven't really changed |
|
Would creating a PR for this help so we can at least run through the existing tests in the system plus set it up on a dev server and start seeing what's broken? |
|
I don't think we should put all of these in one pull request, but having a series of PRs we can test is fine by me. The four groups I listed above would make a good starting point so we're not creating thousands of PRs |
|
So I'm basically working through this list with the assistance of dependabot. I'll update the main description with the current status. |
|
I'm gonna close this as Dependabot has worked it's way through everything, except the ones that have different tasks opened. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We should consider upgrading the following packages:
Semi-relevant but old information
Some of these (
wikimedia/common-passwords,league/commonmark) should be fairly straight-forward since they're used in very specific and easily-testable ways.Others (
spomky-labs/otphp) have security considerations, and need to be very well tested as well as ensuring existing TOTP codes work.More still (
smarty/smarty,fortawesome/font-awesome) are so ingrained into the UI of the tool that a change will require retesting pretty much every page in the tool.Finally,
twbs/bootstrapwill have some major breaking changes, and will likely require substantial fiddling around with SCSS to do the upgrade.Most of the minor upgrades will be dealt with by @dependabot. Some of the more major updates will require more work.
General list of additional work
The text was updated successfully, but these errors were encountered: