search

ai / autoprefixer-rails

Autoprefixer for Ruby and Ruby on Rails
https://twitter.com/autoprefixer
MIT License
1.22k stars 109 forks source link

Do not use open dependency version for `execjs` #206

Closed ShockwaveNN closed 3 years ago

ShockwaveNN commented 3 years ago

On gem build autoprefixer-rails there is

WARNING:  open-ended dependency on execjs (>= 0, development) is not recommended
  use a bounded requirement, such as '~> x.y'

I think it's better to use major version as required version, since someone may install autoprefixer-rails with execjs v1 or even v0 which may not work at all

Also there is a lot of development dependencies with open version, but I don't touch them - it's up to maintainers to decide if this need to be cchanged

albb0920 commented 3 years ago

It's pretty much open dependency since day 1 https://github.com/ai/autoprefixer-rails/commit/b114dbd0c3482deef902d6e7d3ee876d9abd850d#diff-9642ddb7ee8e272ce54e0374a57cf87dfeb67a62bbdc16bac69568d34fe2c8c0R23

But I also don't think it hurts to lock it down, I'll merge this. Thanks.

ShockwaveNN commented 3 years ago

@albb0920 Thanks, totally agree with you. Also day 1 was almost 8 years ago, older standards of version management was in place in that era