Closed
Description
Here a list of improvements to the dependency update workflow
- add a step to the
.github/workflows/tools.ymlin order to open an issue when a job fails (tagging the security-wg). tools: open issue when update workflow fails node#48018 (WIP) - change
deps_updater/update-zlib.shcheck latest commit on main instead of release version (like its done here tools: add update script for googletest node#47482), here for more reference: tools: automate zlib update node#47417 (comment). (WIP) - add version to
doc/contributing/maintaining/maintaining-dependencies.mddependencies list and automate the update (when doc: create maintaining folder for deps node#47589 lands). - automate v8 major update (research if it's doable)
- log shasum of archive file when downloading from repository
- investigate and fix gh rate limit issue Tools updater throws 402 rate limit exceeded error node#48119
- investigate nghttp3 and ngtpc2 double commit issue deps: update nghttp3 to 1.0.0 node#47576 (comment)
- order alphabetically jobs for https://github.com/nodejs/node/blob/main/.github/workflows/tools.yml
- automate security patch backporting to openssl in v16.x