Third party periodic maintenance
BMurri opened this issue · comments
Problem:
Just like our code, the third party libraries that we use periodically update their code, fixing bugs and adding features, including improving security.
Solution:
Every so often, we should update our dependencies, including replacing those that have been deprecated, wherever possible.
Describe alternatives you've considered
It's not good to wait until security reports are made on the versions of libraries we are using, because we may need to do a lot of work to upgrade our usage of their library,
Code dependencies
Will this require code changes in:
- CoA, for new and/or existing deployments? yes
- TES, for new and/or existing deployments? yes
- Build pipeline? no/yes (changes in pipeline will be needed when moving from .NET7 to 8)
- Integration tests? no/yes (changes in integration testing infrastructure will be needed when moving from .NET7 to 8)
Additional context
Candidates for subtasks: consolidate library usage across single or both solutions, upgrade all libraries to latest (or at least latest minor), replace deprecated libraries.