What is the best approach for keeping packages up to date in a way that is compatible with Expo/EAS?
If I use a tool like GitHub’s Dependabot I get a list of PRs that suggest versions I know (from the Expo documentation) are incompatible, and the story Dependabot tells is doesn’t seem to care about Expo, and I can’t really decipher what to do with the information from
yarn upgrade-interactive --latest
or
yarn upgrade-interactive
Maybe I’m missing something but is there no straightforward way to do one or more of the following:
- Upgrade package to the latest version compatible with Expo/EAS
- Apply critical package updates (e.g. those that address known security issues), in a way that is compatible with Expo/EAS
- Find out whether I can increase the range specified for a particular package in my
package.json
I’m particularly interested in 3 (since the other two can sort of be derived from it). The only information I seem to be able to get is what I already know; e.g., what the latest version is and what the latest version is that matches what I’ve specified in package.json
. But how do I know if I can change what’s specified in package.json
to get closer to the latest available version?