Description
We should pin (via some kind of lockfile) all dependencies that run in each of our test environments, so that test runs are fully reproducible, and our CI does not break unexpectedly. This will prevent new releases of tools from breaking our CI, which often require urgent fixes (e.g. this one) to fix and unblock our development process.
Then, we can automate creation of PRs on a regular basis, which would update all of these lockfiles with the latest dependency versions.