Closed kleydon closed 3 years ago
@wSedlacek: Currently, we've got:
"peerDependencies": {
"@prisma/client": "*",
"express-session": "*"
},
I'm considering changing this to:
"peerDependencies": { "@prisma/client": "^2.16.1", "express-session": "^1.17.3" },
Do you foresee any issues with this, or anything more clever we could do to avoid future version mis-matches?
Using strictly ^2.16.1
and ^1.17.3
will mean that we need to release new versions every time that either of these packages perform any minor release.
Maybe we should use >=2.16.1
and >=1.17.3
or something like that.
If you want a ceiling and floor then you could use something like
2.16.1-2.x
Thanks. Going to start with >= checks, and revisit/revise, if/when it makes sense.
Currently, the version of prisma and express-session is set to *; great for when Prisma was updating so frequently without breaking changes, but now potentially problematic - since Prisma and express-session have evolved (and probably will continue to evolve), such that past and future versions cannot easily be compatible with the same version of this library.
Should we simply choose a "floor" version for dependencies, and rely on semantic versioning to handle the ceiling? Are there alternate/better approaches to consider? If we did this: What should the floor be for Prisma and express-session?