8000 Revert dependencies to pre-Dependabot by code-asher · Pull Request #100 · coder/backstage-plugins · GitHub
[go: up one dir, main page]
Skip to content

Revert dependencies to pre-Dependabot #100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 28, 2024
Merged

Revert dependencies to pre-Dependabot #100

merged 4 commits into from
Mar 28, 2024

Conversation

code-asher
Copy link
Member
@code-asher code-asher commented Mar 27, 2024
edited
Loading

This reverts each package.json and the main yarn.lock file to how they were scaffolded, before Dependabot started making updates.

Edit: I bumped the @testing-library/* dependencies (since without that we get an error about renderHook) then ran yarn install again. This should also cover lockfile changes we made manually in between Dependabot updates that could not be cleanly reverted (there was only one that I saw).

So, this is not strictly pre-Dependabot anymore, but should be the same result as if we had never used it.

Edit 2: I modified CI to test all plugins whenever the lockfile changes. So we can probably add Dependabot back if we want, although I would prefer we use something that batches updates into a single PR every week or so because it was pretty noisy and tedious. I wonder also if we want to exclude Backstage dependencies so we can handle those manually.

@code-asher
Revert dependencies to pre-Dependabot
943c043 
This reverts all dependencies to how they were scaffolded, before
Dependabot started making updates.
@code-asher code-asher force-pushed the asher/revert-dependencies branch 2 times, most recently from 21c392b to 91e6f27 Compare March 27, 2024 22:24
@code-asher code-asher marked this pull request as ready for review March 27, 2024 22:27
@code-asher code-asher requested a review from Parkreiner March 27, 2024 22:27
@code-asher code-asher force-pushed the asher/revert-dependencies branch from 91e6f27 to a23e90d Compare March 27, 2024 22:32
@code-asher
Test all plugins when yarn.lock file changes
bf8028f 
Since the plugins, app, and backend share a lockfile, it seems we can
get some odd issues when we update dependencies that are not caught
until the next time a plugin is tested.

In particular, this happened with Dependabot, and although we were
updating the package.json as well to make sure affected plugins were
tested I think the issue comes with updating dependencies of
dependencies not directly listed in the package.json.
Parkreiner
Parkreiner approved these changes Mar 28, 2024
View reviewed changes
Copy link
Member
@Parkreiner Parkreiner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good – thanks for doing all this!

@code-asher code-asher merged commit 8f195c5 into main Mar 28, 2024
@code-asher code-asher deleted the asher/revert-dependencies branch March 28, 2024 18:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Parkreiner Parkreiner Parkreiner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
32BC @code-asher @Parkreiner
0