New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build: jump to node 18. #1104
base: 1.x
Are you sure you want to change the base?
build: jump to node 18. #1104
Conversation
PR summaryThe Pull Request proposes updating the Node.js version from 16.x to 18.x across various GitHub Actions workflows and Dockerfiles. This change is motivated by the end-of-life (EOL) status of Node 16, which means it will no longer receive security updates or patches. The PR author has tested the package with Node 18 and confirmed that the test suite passes, but it fails with Node 20. The PR suggests explicitly specifying Node 18 instead of using the SuggestionThe PR seems well-motivated and the changes are consistent across the files. However, it would be beneficial to ensure that all dependencies and integrations are fully compatible with Node 18 to prevent any unforeseen issues post-merge. Additionally, it might be worth considering setting up a testing strategy that includes Node 20 in a separate branch or as an allowed failure, to prepare for the future upgrade to the next LTS version when it becomes stable for the project's needs. Disclaimer: This comment was entirely generated using AI. Be aware that the information provided may be incorrect. Current plan usage: 69.56% Have feedback or need help? |
I expect the "local" chunks of the build to fail, because I see them failing on the last Dependabot PR - #1103 |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## 1.x #1104 +/- ##
===========================================
+ Coverage 69.72% 81.83% +12.11%
===========================================
Files 45 45
Lines 2543 2543
Branches 459 459
===========================================
+ Hits 1773 2081 +308
+ Misses 710 439 -271
+ Partials 60 23 -37 ☔ View full report in Codecov by Sentry. |
We see Node 16 is now past EOL, which means the stacking vulns on the docker images is increasing with no known way to resolve.
I pulled this package down and ran the test suite against Node 18 and it passed. Ran it against Node 20 and it failed.
I imagine thats a bit more difficult to patch. So I thought I would go through the images and upgrade to 18. I debated keeping 16 in the matrix to do both, but since its EOL and no more patches - it seemed like a waste of space.
I'm sure this isn't the proper way to do this upgrade, especially since I changed
lts
to18
, but since LTS is now 20. It seems safer to call out the specific node version in play.Maybe this becomes a 2.0 branch?
fixes: #1028