Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Node.js to active LTS version (18.x) #7348

Merged
merged 2 commits into from
Jul 19, 2023
Merged

Upgrade Node.js to active LTS version (18.x) #7348

merged 2 commits into from
Jul 19, 2023

Conversation

christianvuerings
Copy link
Contributor

Changes

Upgrades the Node.js version that dependabot uses to the latest active LTS (Long Term Support) version which is 18.x. https://nodejs.org/en
image

Why

  • Dependabot currently uses a Maintenance LTS version of Node.js instead of a Active LTS version. https://nodejs.dev/en/about/releases/
    image
  • We run into the following issue since we have engine-strict enabled and want to avoid
Dependabot uses Node.js v16.20.0
 and NPM 8.19.4
. Due to the engine-strict setting, the update will not succeed.

Related issues / threads

@christianvuerings christianvuerings requested a review from a team as a code owner May 19, 2023 21:17
christianvuerings
christianvuerings commented May 19, 2023
View reviewed changes
npm_and_yarn/Dockerfile

# Check for updates at https://github.com/npm/cli/releases
# This version should be compatible with the Node.js version declared above. See https://nodejs.org/en/download/releases as well
ARG NPM_VERSION=8.19.4
ARG NPM_VERSION=9.5.1
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See https://nodejs.org/en/download/releases
image

@jurre
Copy link
Member

jurre commented Jun 5, 2023

Thanks, it probably makes sense to use that latest stable version 👍 It looks like you remove the package lock (by accident?), would you mind taking a look at that?

@matteosacchetto matteosacchetto mentioned this pull request Jun 14, 2023
Closed
1 task
@jurre
Copy link
Member

jurre commented Jun 20, 2023

It looks like this is breaking one of our tests, would you mind taking a look at that? 🙇

@andrejleitner
Copy link

npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb:2525

- to eq("is-number@jonschlinkert/is-number#semver:^4.0.0")
+ to eq("is-number@github:jonschlinkert/is-number#semver:^4.0.0")

@christianvuerings
Copy link
Contributor Author

@jurre @andrejleitner I updated the PR - all tests are passing now

@lizthegrey
Copy link

This is required to support the latest Yarn versions, which have dropped 16.x support.

@lizthegrey
Copy link

Ping @jurre?

@jurre
Copy link
Member

jurre commented Jul 19, 2023

Thanks for the headsup, let me roll this out 👍

@jurre jurre merged commit 8ba26ec into dependabot:main Jul 19, 2023
102 checks passed
brettfo pushed a commit to brettfo/dependabot-core that referenced this pull request Oct 11, 2023
@jurre
Merge pull request dependabot#7348 from christianvuerings/upgrade-nod…
c84eab2 
…e-18

Upgrade Node.js to active LTS version (18.x)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jurre jurre jurre approved these changes

Assignees
No one assigned
Labels
L: javascript
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@christianvuerings @jurre @andrejleitner @lizthegrey