Closed hashtagchris closed 2 months ago
disregard this approval, I didn't see it was done w/ a hard config to a specific version. That's not how this is done.
We usually don't bake versions into this package itself.
I see we typically don't specify versions of dependencies, not even major versions. However why is there support for exact versions in template-oss if we should never use it?
And why does /test/apply/lint.js
test with a version of @github/prettier-config
without a caret?
The exact version specification appears to be for template-oss
itself, which takes the version from its own package.json.
It does not look like we've baked into template-oss the ability to enforce no prefixes for other dependencies. I know we'd talked about it for the linting rules packages, but I don't think it's been done.
To correct it: ... npm i @github/prettier-config@0.0.6 --save-dev --save-exact
I now understand that we should avoid hardcoding versions in this repo, as its too much trouble to update them later. Ideally we'd want a way to indicate which dependencies should be installed as an exact versions, and template-oss would output something like To correct it: ... npm i @github/prettier-config@* --save-dev --save-exact
.
I don't know if we'd actually want or need to migrate to a eventual newer release of @github/prettier-config
, but I'll assume that's true for this or another dependency.
This matches what I've seen us install in practice. See https://github.com/npm/template-oss/blob/4ef5cf6be626cb5265486420634ad231832540ab/package.json#L70 and https://github.com/npm/template-oss/blob/b35bca55b28b41773aa6b936fc626bc15b40eae5/test/apply/lint.js#L50-L52
Sample postlint guidance
Instead of
@github/prettier-config@*
, it tells you to install@github/prettier-config@0.0.6
with the--save-exact
flag.Exact version enforcement
semver range
Exact version
References
Follow-up to https://github.com/npm/template-oss/pull/447