Open daveisfera opened 5 years ago
Any particular dependency you’re interested in? Is there an issue beyond redundant dependencies being installed?
No big security issues or glaring bugs that I know of. I'm mostly just going through our dependencies and their dependencies and trying to clean things up to minimize bundle size and such.
I would go a step further and say that since jscodeshift
is pretty widely used and depends on recast
, recast
should just release the current API as 1.0.0
so that new features and bugfixes can be released in the proper semver way and work with the rest of the ecosystem.
And also ast-types
. I know this stuff is all still very beta quality but a version is just a number and everyone benefits if you use semantic versioning for what it's designed for.
I would go a step further and say that since
jscodeshift
is pretty widely used and depends onrecast
,recast
should just release the current API as1.0.0
so that new features and bugfixes can be released in the proper semver way and work with the rest of the ecosystem.
I agree, personally. But that's a decision @benjamn will have to make.
Would it be possible to use
^
instead of specific versions and~
so it's less likely that multiple versions of dependencies needing to be installed?