chore(deps-dev): bump cassandra-driver from 4.7.2 to 4.8.0 #4473
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [cassandra-driver](https://github.com/datastax/nodejs-driver) from 4.7.2 to 4.8.0. - [Changelog](https://github.com/datastax/nodejs-driver/blob/master/CHANGELOG.md) - [Commits](datastax/nodejs-driver@v4.7.2...v4.8.0) --- updated-dependencies: - dependency-name: cassandra-driver dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
| "adm-zip": "~0.5.10", | ||
| "long": "~5.2.3" | ||
| }, | ||
| "engines": { | ||
| "node": ">=16" | ||
| "node": ">=18" |
There was a problem hiding this comment.
Although tests are passing the commit for 4.8.0 drops Node.js v16. So any future version, even patches, may include incompatible changes with v16
This needs a change in tests and also in TAV.
There was a problem hiding this comment.
Opened a ticket in the project https://datastax-oss.atlassian.net/browse/NODEJS-688
There was a problem hiding this comment.
TL;DR from the cassandra ticket. Dropping support of Node.js versions is not tied to their version so this drop does not imply a major version bump. They limit support of active node versions at the time of the release. v4.7 was meant to drop it.
| - versions: '>=3 <3.1.0 || >3.1.0 <4.8.0' | ||
| commands: node test/instrumentation/modules/cassandra-driver/cassandra-driver.test.js | ||
| # v4.8.0 advertise a min-supported Node.js version of 18. | ||
| - versions: '>=4.8.0 <5' |
There was a problem hiding this comment.
nit: Given this on the jira issue:
For what it’s worth support for node.js 16.x was officially removed with the 4.7.0 release in accordance with this policy. This was discussed in a message sent to the mailing list although I think we did miss the “engines” update until this release.
should we get 4.7.0 as the change point rather than 4.8.0?
david-luna
deleted the
dependabot/npm_and_yarn/cassandra-driver-4.8.0
branch
Bumps cassandra-driver from 4.7.2 to 4.8.0.
Changelog
Sourced from cassandra-driver's changelog.
Commits
80ef7d74.8.07107c46Changelog 4.8.0 (#433)ae4784eNODEJS-666: Extend driver vector support to arbitrary subtypes and fix handli...804e0bbNODEJS-682 Replace deprecated usages ofutil.isDate&util.isString(#429)eb586f8NODEJS-671 Remove@types/longdependency (#417)25156dbNODEJS-674 and NODEJS-677: CI for C* 4.1, 5.0, DSE-6.9 and HCD (#426)f767bccUsing Jabba to explicitly select Java8 before running tests (for ccm support)...eac0fbfUpdate AppVeyor to new nodejs platforms (#422)Maintainer changes
This version was pushed to npm by janehesiyao, a new releaser for cassandra-driver since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)