Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrades dependencies #3346

Closed
wants to merge 3 commits into from
Closed

Upgrades dependencies #3346

wants to merge 3 commits into from

Conversation

MadVikingGod
Copy link
Contributor

@MadVikingGod MadVikingGod commented Oct 17, 2022
edited
Loading

This was done by using go get -u -t ./... for all directories with a go mod. This will upgrade transitive dependencies, and if any were pinned.

This would supersede #3294 - #3338 resolved elsewhere.

@MadVikingGod MadVikingGod added the Skip Changelog PRs that do not require a CHANGELOG.md entry label Oct 17, 2022
@Aneurysm9
Copy link
Member

All of the dependabot PRs were handled via #3348. Would be interested to see the result of this approach after that. I think it's just the transitive dependencies and those using pseudoversions.

@MadVikingGod
Copy link
Contributor Author

I will redo this on the new main and see.

@pellared
Copy link
Member

@MadVikingGod Can you run go mod tidy? 😉 I like this PR 👍

@Aneurysm9
Copy link
Member

I think I see two categories of change here:

  1. Updating a direct dependency on google.golang.org/genproto that dependabot doesn't upgrade, if I'm not mistaken because it does not deal with pseudoversions.
  2. Updating transitive dependencies.

Definitely good with 1) but I'm not sure we need to/should do 2). What are the risks and rewards of updating our transitive dependencies before they're updated where they are direct dependencies?

@MrAlias
Copy link
Contributor

MrAlias commented Oct 28, 2022

Should this be closed?

@MadVikingGod MadVikingGod deleted the mvg/dependabot-2022-10-17 branch February 21, 2023 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pellared pellared pellared approved these changes

@jmacd jmacd Awaiting requested review from jmacd

@MrAlias MrAlias Awaiting requested review from MrAlias MrAlias is a code owner

@Aneurysm9 Aneurysm9 Awaiting requested review from Aneurysm9

@evantorrie evantorrie Awaiting requested review from evantorrie

@XSAM XSAM Awaiting requested review from XSAM XSAM is a code owner

@dashpole dashpole Awaiting requested review from dashpole dashpole is a code owner

@hanyuancheung hanyuancheung Awaiting requested review from hanyuancheung

@dmathieu dmathieu Awaiting requested review from dmathieu dmathieu is a code owner

Assignees
No one assigned
Labels
Skip Changelog PRs that do not require a CHANGELOG.md entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@MadVikingGod @Aneurysm9 @pellared @MrAlias