Update dependencies to enable Greenkeeper 🌴

[greenkeeper]

Let’s get started with automated dependency management for yarn 💪

This pull request updates all your dependencies to their latest version. Having them all up to date really is the best starting point. I will look out for further dependency updates and make sure to handle them in isolation and in real-time, as soon as you merge this pull request.

I won’t start sending you further updates, unless you have merged this very pull request.

false

---

💥 This branch failed. How to proceed

I suggest you find out what dependency update is causing the problem. Adapt your code so things are working nicely together again. next-update is a really handy tool to help you with this.

Push the changes to this branch and merge it.

🏷 How to check the status of this repository

There is a badge added to your README, indicating the status of this repository.

This is how your badge looks like 👉

🏗 How to configure Travis CI

There is a rule added to your .travis.yml file as well. It whitelists Greenkeeper branches, which are created when your dependencies are updated. Travis CI will run your tests to see if they still pass.

No additional setup required 😊

🙈 How to ignore certain dependencies

In case you can not, or do not want to update a certain dependency right now, you can of course just change the package.json file back to your liking.

Add a greenkeeper.ignore field to your package.json, containing a list of dependencies you don’t want to update right now.

// package.json
{
  …
  "greenkeeper": {
    "ignore": [
      "package-names",
      "you-want-me-to-ignore"
    ]
  }
}

👩‍💻 How to update this pull request

  # change into your repository’s directory
  git fetch
  git checkout greenkeeper/initial
  npm install-test
  # adapt your code, so it’s working again
  git commit -m 'chore: adapt code to updated dependencies'
  git push origin greenkeeper/initial

✨ How the updates will look like

As soon as you merge this pull request I’ll create a branch for every dependency update, with the new version applied. The branch creation should trigger your testing services to check the new version. Using the results of these tests I’ll try to open meaningful and helpful pull requests and issues, so your dependencies remain working and up-to-date.

-  "underscore": "^1.6.0"
+  "underscore": "^1.7.0"

In the above example you can see an in-range update. 1.7.0 is included in the old ^1.6.0 range, because of the caret ^ character .
When the test services report success I’ll delete the branch again, because no action needs to be taken – everything is fine.
When there is a failure however, I’ll create an issue so you know about the problem immediately.

This way every single version update of your dependencies will either continue to work with your project, or you’ll get to know of potential problems immediately.

-  "lodash": "^3.0.0"
+  "lodash": "^4.0.0"

In this example the new version 4.0.0 is not included in the old ^3.0.0 range.
For version updates like these – let’s call them “out of range” updates – you’ll receive a pull request.

Now you no longer need to check for exciting new versions by hand – I’ll just let you know automatically.
And the pull request will not only serve as a reminder to update. In case it passes your decent test suite that’s a strong reason to merge right away

💁‍♂️ Not sure how things are going to work exactly?

There is a collection of frequently asked questions and of course you may always ask my humans.

---

Good luck with your project and see you soon ✨

Your Greenkeeper Bot 🌴

[bestander]

Not so fast, cowboy.
A yarn.lock needs to be updated.
And I wonder what is the impact of bumping major version of lodash

[Daniel15]

A yarn.lock needs to be updated.

Hahaha, that's a good catch! Looks like the Greenkeeper team have an issue for it: greenkeeperio/greenkeeper#314

[bestander]

Ok, I'll close this PR until greenkeeper supports lockfiles.
This seems to be not on the immediate list to fix

[voxsim]

Surprisingly they make it: now greenkeeper has yarn lockfile support (greenkeeperio/greenkeeper#314).

This is the project: https://github.com/greenkeeperio/greenkeeper-lockfile. Do you think we should open an issue on this?

[bestander]

If people think that greenkeeper provides value to Yarn then yeah, let's pursue this.