Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Confirm dependabot version update to vrms-data.yml #5497

Closed
4 tasks
t-will-gillis opened this issue Sep 12, 2023 · 1 comment · Fixed by #5637
Closed
4 tasks

Confirm dependabot version update to vrms-data.yml #5497

t-will-gillis opened this issue Sep 12, 2023 · 1 comment · Fixed by #5637
Assignees
Labels
Complexity: Medium Feature: Refactor GHA Refactoring GitHub actions to fit latest architectural norms role: back end/devOps Tasks for back-end developers size: 1pt Can be done in 4-6 hours
Milestone

Comments

@t-will-gillis
Copy link
Member

Prerequisites

  1. You must be a member of Hack for LA to work on an issue. If you have not joined yet, please follow the steps on our Getting Started page.
  2. Please make sure you have read our Hack for LA Contributing Guide before you claim/start working on an issue.

Details

NOTE TO REVIEWERS: In order to review this PR, you must create a testing environment on your local repo.

Overview

Our repo's dependabot periodically checks the packages/dependencies used in our codebase to see whether a more recent version is available. When it finds an updated version, the dependabot creates a PR specifying which files will be affected if the package/dependency is updated. We need to check each of these files individually to determine whether we should or should not switch to the latest version.

Action Items

Refer to the vrms-data.yml file and review the version update(s) recommended by the dependabot.

  • Make sure that you have configured your private repo for testing GHAs. See "Details" above.
  • Review the expected activity of the GHA, then create a test branch in your local repo to trigger and record the results of the current action.
  • Create another test branch to trigger and record the results of the action using the updated package version(s). Change all instances of:
- uses: actions/checkout@v3

to:

- uses: actions/checkout@v4
  • Compare results to determine whether the update causes breaking changes, or whether the update causes no apparent change in the expected functioning of the action, and "Approve" or "Request changes" as appropriate.

Resources/Instructions

@t-will-gillis t-will-gillis added Complexity: Medium Draft Issue is still in the process of being created Feature: Refactor GHA Refactoring GitHub actions to fit latest architectural norms role: back end/devOps Tasks for back-end developers size: 1 pt labels Sep 12, 2023
@wanyuguan wanyuguan added size: 1pt Can be done in 4-6 hours and removed size: 1 pt labels Sep 17, 2023
@Josiah-O Josiah-O added this to the 02. Security milestone Sep 24, 2023
@t-will-gillis t-will-gillis self-assigned this Sep 30, 2023
@t-will-gillis t-will-gillis removed the Draft Issue is still in the process of being created label Sep 30, 2023
@github-actions
Copy link

Hi @t-will-gillis, thank you for taking up this issue! Hfla appreciates you :)

Do let fellow developers know about your:-
i. Availability: (When are you available to work on the issue/answer questions other programmers might have about your issue?)
ii. ETA: (When do you expect this issue to be completed?)

You're awesome!

P.S. - You may not take up another issue until this issue gets merged (or closed). Thanks again :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Complexity: Medium Feature: Refactor GHA Refactoring GitHub actions to fit latest architectural norms role: back end/devOps Tasks for back-end developers size: 1pt Can be done in 4-6 hours
Projects
Development

Successfully merging a pull request may close this issue.

3 participants