You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We wish to keep dependencies up to date so we do not need such massive overhauls of our system. This is a recurring task to update all dependencies we are able to update. Any conflicts shall get a dedicated ticket. This task should be a day of work at most because it only updates non-breaking changes.
Ticket is understood and QA has been contacted
User Story
As VA Notify, I want to keep our service up to date So that we are secure and as free of bugs as possible.
If there are any failures, compare the poetry.lock in master against your local poetry.lock.
Identify the discrepancies and lock those versions in pyproject.toml, create a ticket, and label it "tech debt"
Any non-top level dependencies that have to be locked should have a comment added to pyproject.toml and have a checkbox to remove that dependency from pyproject.toml in the acceptance criteria
Created ticket has the package name in the title
Acceptance Criteria
Repo dependencies are updated and we have no broken functionality. Issues opened by Dependabot are resolved. Tickets with the "tech debt" label created for any updates we could, or should, not do.
QA Considerations
Affected Dependabot PRs are closed after merge (may need to rebase them using dependabot command)
Check to see if these updates cancel out any Twistlock issues
QA Regression tests pass after deploying this code.
The text was updated successfully, but these errors were encountered:
User Story - Business Need
We wish to keep dependencies up to date so we do not need such massive overhauls of our system. This is a recurring task to update all dependencies we are able to update. Any conflicts shall get a dedicated ticket. This task should be a day of work at most because it only updates non-breaking changes.
User Story
As VA Notify,
I want to keep our service up to date
So that we are secure and as free of bugs as possible.
Additional Info and Resources
poetry.lock
, revert major changes, then minor, then patch/security: never edit this file manually!Engineering Checklist
poetry.lock
.pyproject.toml
, create a ticket, and label it "tech debt"pyproject.toml
and have a checkbox to remove that dependency frompyproject.toml
in the acceptance criteriaAcceptance Criteria
Repo dependencies are updated and we have no broken functionality. Issues opened by Dependabot are resolved. Tickets with the "tech debt" label created for any updates we could, or should, not do.
QA Considerations
The text was updated successfully, but these errors were encountered: