Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Complete Dependabot dependency updates #3065

Open
2 tasks
abroddrick opened this issue Nov 12, 2024 · 0 comments
Open
2 tasks

Complete Dependabot dependency updates #3065

abroddrick opened this issue Nov 12, 2024 · 0 comments
Labels
dev

Comments

@abroddrick
Copy link
Contributor

Issue description

In our securities tab, we have several updates that have come in for packages we use. Given these are security updates it's important that we keep our application healthy by updating these in a timely manner.

Some of these updates are for the same package, only the most recent upgrade needs to be applied. For instance there are several django updates that call out updating to 4.2.14 and then later ones mention 4.2.15. There would be no point in upgrading to 4.2.14 and then updating to 4.2.15 and running the dependency updates twice; just update to the most recent one (4.2.15 in this case)

Acceptance criteria

  • all security updates are applied to our code base
  • if an update has already been applied to our system and is now non-applicable/ already resolved, just dismiss the alert as "inaccurate"

Additional context

No response

Links to other issues

No response
@abroddrick abroddrick added the dev label Nov 12, 2024
@abroddrick abroddrick changed the title Update Security dependencies Complete Dependabot dependency updates Nov 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dev
Projects
.gov Product Board
Status: 👶 New
Milestone
No milestone
Development

No branches or pull requests
1 participant
@abroddrick