Updating versions of dependencies

[Petr Plavjaník]

Hello,

Eureka started about 9 years ago so it has a lot of dependencies from that time. If there is a known problem, the dependencies are being updated. Otherwise they are not being updated regularly even if newer versions are available. For example, there is 30 dependencies that are older than 7 years.

Some companies have policies to review all dependencies that are older.

What is your opinion about starting an effort to update them? It will not be easy since most of the old libraries have only new major versions that are being regularly maintained and most of the dependencies are transitive. Updating to latest patch or minor versions makes only a small difference. What do you think about the risk of introducing new problems by doing such updates?

Best regards,

Petr