Commit 381a648
authored
Ignored knex updates in Renovate (defer to PLA-78) (TryGhost#28443)
Adds `knex` to `ignoreDeps` in `.github/renovate.json5` so Renovate
stops re-proposing knex bumps.
### Why
- The Renovate knex 2.5.1 PR
([TryGhost#28180](TryGhost#28180)) **breaks
migrations**: knex 2.5.0's password-masking mutates the shared
`config.get('database')` object, which Ghost hands to **both** `knex()`
and `knex-migrator`. With core ahead of `knex-migrator@5.3.2`'s pinned
knex (2.4.2), the password is stripped before knex-migrator connects →
`Access denied (using password: NO)`.
- The 2.x line is **EOL**; the real move is **knex 3.x**, which is
coupled to a knex-3 `knex-migrator` release
([knex-migrator#86](https://github.com/TryGhost/knex-migrator/pull/86/files),
unreleased) and must be bumped in lockstep with core.
- No feature driver for our stack (MySQL2 + `sqlite3` + knex-migrator).
This is maintenance/EOL hygiene.
Ignoring `knex` stops the recurring dashboard/PR noise until we do the
coordinated upgrade, tracked in
**[PLA-78](https://linear.app/ghost/issue/PLA-78)**. The note (with full
rationale) lives inline next to the entry, matching the existing
`ignoreDeps` convention. Remove the entry once we're on 3.x.
ref PLA-781 parent efcad61 commit 381a648
1 file changed
Lines changed: 13 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
142 | 142 | | |
143 | 143 | | |
144 | 144 | | |
145 | | - | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
| 153 | + | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
146 | 158 | | |
147 | 159 | | |
148 | 160 | | |
| |||
0 commit comments