Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Current status of maintenance tasks, package audits, tracking tech debt, etc #7069

Open
mavenik opened this issue May 22, 2024 · 2 comments
Open

Current status of maintenance tasks, package audits, tracking tech debt, etc #7069

mavenik opened this issue May 22, 2024 · 2 comments
Assignees
@Qianqianye
Labels
Discussion p5.js 2.0

Comments

@mavenik
Copy link

mavenik commented May 22, 2024

Topic

Context:

Node 16 reached its end of life in September 2023 which may have prompted us to switch to Node 20. However, this wasn't done consistently for all jobs within Github Actions workflows (some jobs in release workflow still use Node 12 or Node 16).

I happened to notice deprecation warnings on Github Actions regarding the use of old refs in release, lint and test workflows. I attempted fixing some of these warnings on my fork.

Further, there are package vulnerabilities owing to old versions of dependencies.
While the fixes for the above are trivial, it seems like these warnings have started piling up and its a matter of time before they become unmanageable and/or introduce breaking changes if not maintained regularly.

There are other maintenance tasks that are quite relevant, such as an upgrade to p5's build and test systems (#7013), updating docs, etc.

I could not find a process or documentation to attend these tasks, hence reaching out for a discussion. It would greatly help if someone could point me to a process doc for maintenance issues with workflows, package audits, build, test systems and allied topics.

In case such a process does not exist yet, I would like to propose the following:

Proposal:

  1. Add an Issue category for maintenance and audit tasks so that we could track and attend to them separate from feature, enhancement, and bug fixes
  2. Formulate a plan to consciously audit, maintain, upgrade packages, update documentation on a regular basis by setting priorities to these tasks, calling for contributions, and so on
@welcome Welcome
Copy link

welcome bot commented May 22, 2024

Welcome! 👋 Thanks for opening your first issue here! And to ensure the community is able to respond to your issue, please make sure to fill out the inputs in the issue forms. Thank you!

@limzykenneth
Copy link
Member

There's no formal process for these as they are often managed separately and have different considerations. For Github Actions, those can most likely be updated to use newer versions of node.js without issue.

For dependencies, we have Dependabot to help with the most critical updates but many of the current dependencies are not able to be updated because some are not being maintained anymore. 2.0 seeks to address these with a combination of a few proposals that brings overall dependencies up to date.

A regular schedule/plan to keep things up to date going forwards sounds good to me.

@Qianqianye Qianqianye self-assigned this Jun 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Qianqianye Qianqianye

Labels
Discussion p5.js 2.0
Projects
p5.js 2.0
Status: Out of Scope
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mavenik @limzykenneth @Qianqianye