I have been assigned a ticket to update all node packages and dependencies in a react project to the latest possible version without breaking the application monolith as it is now; no further meaningful development of features is planned for this application.
Although I plan to finish the task without much questioning, I was wondering what would be, in general, the merit of having the latest versions of all dependencies in a project of this nature. I tend to understand that maintenance and possible further development would improve by doing this but I was wondering if there could be other justifications for reasonably keeping dependencies up to date in legacy codebases.
Best Answer
Updating a dependency generally grants you some benefits:
Even if you are not actively adding new features to your application, it may still be affected by bugs or security vulnerabilities caused by its dependencies, which may be fixed by updating to the latest version.
In addition, while there may be no planned further development now, there might be in the future. In that case, updating dependencies on a regular basis ensures there will not be a significant amount of technical debt if a new feature must be added, or a new bug is found and requires to update a dependency. This is a judgment call your organization may make depending on the situation.