DPL-936 - As developers we need to update the dependencies as some of our libraries are out of date which is adding to our technical debt and increases risk of libraries becoming unusable

[stevieing]

User story
As developers we need to update the dependencies as some of our libraries are out of date which is adding to our technical debt and increases risk of libraries becoming unusable

Who are the primary contacts for this story
Steve

Who is the nominated tester for UAT
PSD

Acceptance criteria
To be considered successful the solution must allow:

• The dependencies to be more up to date so that we are only 2 months out of date rather than the current 1 year
• All high security risks to be fixed
• Modify the depfu settings so we are using individual updates to reduce cognitive load

Dependencies
This story is blocked by the following dependencies:

• #<issue_no.>
• sanger/#<issue_no.>

References
This story has a non-blocking relationship with:

• #<issue_no.>
• sanger/#<issue_no.>

Additional context
Add any other context or screenshots about the feature request here.

[stevieing]

Task list:

• fix and merge[security] Update rails 6.0.6.1 → 6.1.7.6 (minor)
• Update all Bundler dependencies (2023-10-12)
• Modify depfu to move to single dependency updates
• Research the work involved to upgrade to Rails 7

[stevieing]

We need to decide how to tackle this without it being a resource sink.

[yoldas]

Sequencescape housekeeping stories:

• DPL-936-1 [Sequencescape] As developers we need to upgrade JSON API resources to the latest stable version as the current version is broken and it is preventing us upgrading to the long term supported version of Rails 6.1 #3950
• DPL-936-2 [Sequencescape] Update Rails version to 6.1 #4006
• DPL-936-3 [Sequencescape] Update Rails config defaults to version 6.1 #4005
• DPL-936-4 [Sequencescape] Update Ruby version to 3.2 #4007

[TWJW-SANGER]

Is this EPIC still needed, now we have the tech debt board ?

[stevieing]

Closed as being dealt with in other stories.