Ubuntu TechHive
Proposed

Dependency Upgrade Gauntlet: Patch a Critical Library Without Breaking Users

Practice upgrading under risk using changelogs, tests, canaries, and rollback plans.

Mixed · 2 hours · December 30, 2026 · June 3, 2026
#dependencies #security #testing

Description

A security advisory lands for a library that sits deep in the stack. The lazy response is panic; the professional response is evidence. Participants inspect the advisory, read the changelog, identify affected paths, run targeted tests, create a canary plan, and decide what rollback looks like.

The session turns dependency updates from background chores into an engineering discipline. It is especially useful for teams with old packages, fragile tests, or fear around touching foundation code.

Proposal Details

Status: Proposed
Difficulty: Mixed
Duration: 2 hours
Target date: December 30, 2026
Created: June 3, 2026