-
Notifications
You must be signed in to change notification settings - Fork 222
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WSTEAMA-1398: Bump lru-cache from 7.7.1 to 11.0.1 #11935
base: latest
Are you sure you want to change the base?
Conversation
Could be something to look into again now that we have alternative analytics solution for Opera Mini. |
Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 7.7.1 to 11.0.0. - [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md) - [Commits](isaacs/node-lru-cache@v7.7.1...v11.0.0) --- updated-dependencies: - dependency-name: lru-cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
baa7e5e
to
535cc20
Compare
@amoore108 I am going to try and fix up the PR, so that we can decide on the next steps i.e. do we put it on preview and try to test it with Opera Mini? |
Could try it and see. We have a fairly reliable why of testing the analytics events are coming through, so it should be testable on Preview. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Requires testing on preview environment
A newer version of lru-cache exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
@amoore108 I've just noticed from the change log that from v11 onwards, they have dropped support for node < 20 https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md#110 😬 Does this mean that we can't actually upgrade until we're on Node 20? |
I think if it builds and can be tested properly then its ok. Typically its just support that is dropped, rather than actual compatibility. But its worth noting to be cautious with further updates and perhaps prioritise the next Node update so that we don't keep encountering this. |
cc @eagerterrier RE Node 20 support - we're testing it in preview and it seems OK so not sure if we should take the risk & proceed? |
This has been tested in the preview environment - see comments on https://jira.dev.bbc.co.uk/browse/WSTEAMA-1398?focusedId=6513476&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-6513476 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably worth keeping an eye on the toggles service graphs for anything out of the ordinary
https://jira.dev.bbc.co.uk/browse/WSTEAMA-1398
Bumps lru-cache from 7.7.1 to 11.0.0.
Changelog
Sourced from lru-cache's changelog.
... (truncated)
Commits
e1981d1
11.0.07965d88
drop old node versionse01135c
10.4.13fcc387
expanded engines definitiond67b111
changelog: cosmetics, explain 10.4 typo52c9cb0
10.4.019e60d3
update tshy, remove 'source' export3edad21
10.3.11aa58f9
drop EOL node, use clock tap pluginb695221
ci: remove node 18 from test matrixDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)