Managing dependencies


Wanted to ask around to see how folks are managing plugin dependency breaks on production apps.

Our team often runs into unforeseen issues where a dependency upgrade will break our build, and from there it is a manual process of trial and error / experimentation to find out what versions play nicely with each other. However, given the number of dependencies in our app, it can be a very tedious process.

On many of our plugins, we have carets ("^") which automatically update us to the most recent major version. A simple solution we are exploring is to simply remove the caret, and to have monthly upgrade cycles where we upgrade to latest versions and see which ones break.

But wanted to poll the community and see how others are managing this.

Thank you

After the very annoying update I just went through, I was considering the same thing (using exact versions).

Yeah, at the same time, unless we do the periodic upgrade reviews, keeping exact versions leaves us open to risk from 1) OS system upgrades that don’t support the older plugin, 2) deprecated plugins, or 3) not having the latest security patches / bug fixes.

It just seems like there has to be a better solution than trial and error or going to each individual GitHub to see what changed.
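
The pinning approach discussed in this thread, as an added example that is not part of any post: it lists every dependency whose version spec can float and rewrites caret/tilde specs to the version actually installed. It assumes an npm-style `package.json` (the thread does not name the package manager); the plugin names and versions are constructed.

```javascript
// Added example: find floating version ranges in a manifest and pin them.
// The manifest and installed versions below are constructed sample data.
const manifest = {
  dependencies: {
    "example-plugin-a": "^4.0.3",
    "example-plugin-b": "~6.0.1",
    "example-plugin-c": "2.1.0",
  },
  devDependencies: { "example-build-tool": "^1.4.0" },
};
// Versions actually installed (in practice, read these from the lockfile).
const installed = {
  "example-plugin-a": "4.1.0",
  "example-plugin-b": "6.0.2",
  "example-plugin-c": "2.1.0",
  "example-build-tool": "1.6.2",
};

const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

// Classify a spec: an exact pin never moves; anything else can float on install.
function classify(spec) {
  if (EXACT.test(spec)) return "exact";
  if (spec.startsWith("^")) return "caret";
  if (spec.startsWith("~")) return "tilde";
  return "other"; // tags, URLs, x-ranges, comparators: review by hand
}

// List every dependency whose spec is not an exact version.
function findFloating(pkg) {
  const out = [];
  for (const section of ["dependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const kind = classify(spec);
      if (kind !== "exact") out.push({ section, name, spec, kind });
    }
  }
  return out;
}

// Return a copy of the manifest with caret/tilde specs set to the installed version.
function pin(pkg, versions) {
  const copy = JSON.parse(JSON.stringify(pkg));
  for (const { section, name, kind } of findFloating(pkg)) {
    const v = versions[name] || "";
    if ((kind === "caret" || kind === "tilde") && EXACT.test(v)) copy[section][name] = v;
  }
  return copy;
}

console.log(findFloating(manifest));
console.log(JSON.stringify(pin(manifest, installed), null, 2));
```

Running `findFloating` on the pinned manifest during each upgrade cycle shows whether any range has crept back in.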