Specify dependency updating policy #111
Description
Originally created by @boolean5 on 2022-06-13T11:24:47Z
Original issue: SpringACT/digital-safe-upload-on-blob#143
For now, because we don't have tests yet we agreed on the following:
- Run
npm updateornpm audit fixand test manually to make sure nothing breaks - To avoid conflicts: don't update dependencies on feature branches/PRs (adding dependencies is ok though). Instead open separate PRs to update dependencies.
When we have tests we should revisit this and perhaps re-enable Snyk to automatically open upgrade PRs.