[🐛] Relax the firebase-js-sdk import

[dhenneke]

Issue

Since the web platform implementation, @react-native-firebase/app depends on firebase@10.12.2. We would prefer to have this be made more relaxed as firebase@^10.12.2. Maybe it could also be a peer dependency for projects that don't need the web implementation.

Background: We still use the js-sdk in our react-native app and are already on a newer version there. We also have our mobile app in a monorepo with our react-app, and we'd prefer to have only a single firebase version in the whole repo.

Do you think that would be an option?

[russellwheatley]

We keep the version locked because that is what we test against. If you want to change the firebase version, you could do something like this I believe:

{
  "name": "your-project-name",
  "version": "1.0.0",
  "dependencies": {
    "@react-native-firebase/app": "^20.4.0"
  },
  "resolutions": {
    "firebase": "11.0.0"
  },
  "scripts": {
    "preinstall": "npx npm-force-resolutions"
  }
}

Essentially, have a resolutions object with updated firebase version, and preinstall script to force resolution. I think this would work but I haven't tested.

[dhenneke]

Yes we actually did that to unblock the upgrade:

"resolutions": {
    "**/@react-native-firebase/app/firebase": "^10.12.4"
},

We use yarn and with deduplicated entries in the yarn.lock, we can manage it without additional scripts. But it makes it more challenging for tools like dependabot to understand what to do.

It still feels a bit unfortunate that we need to have a workaround as we currently don't use the web feature of the react-native library. I'd accept it if you think pinning it is the more safe approach for the library; just wanted to ask if this is intentional.

[russellwheatley]

@dhenneke - yes, this is intentional. We would otherwise get further issues in respect to why it doesn't work for version X when we tested against Y 🙏