react-boilerplate / react-boilerplate-cra-template

:fire: Setup Create React App with React Boilerplate. Highly scalable & Best DX & Performance Focused & Best practices.
https://react-boilerplate.github.io/react-boilerplate-cra-template/
MIT License
1.87k stars 395 forks source link

update to react 17 #131

Closed vospascal closed 3 years ago

vospascal commented 3 years ago

plz update to react 17 to still be relevant also the older react-boilerplate wy not give deprecation notice and link to this project?

Can-Sahin commented 3 years ago

It is not always best to update to the latest version. You can easily do so in 5 seconds in your project. Sometimes newer versions come with problems and it's better for the sake of the majority to stay a bit behind and safe. I will consider it after some time.

I wanted to do so in the other repo but after huge discussions, I decided not to proceed.

vospascal commented 3 years ago

@Can-Sahin "Sometimes newer versions come with problems and it's better for the sake of the majority to stay a bit behind and safe. "

This not a boilerplate for new projects? So wouldnt you want it to be most up to date not already use older stuff when you start a project knowing you have technical depts to begin with in the future? It makes no sense to me what so ever to use older stuff when starting a project.. unless there are big bugs.. making you stop updating to a newer package...

you dont want to start a project updating all dependencies ... also how you know old dependencies are still safe to use? the dont have any snyk.io vulnerability issues.. (something you might want to run nightly to give insights)

my 2 cents on the matter

Can-Sahin commented 3 years ago

Agree and disagree :) See this : https://github.com/react-boilerplate/react-boilerplate-cra-template/issues/86

Here the new version had a bug and I updated it before waiting that much. It takes a while for the community to find bugs -> report -> get fixed. That's what I saw in the past years and concluded that its safer to stay some months behind.

You don't need to update dependencies though. Dependency management is a tedious task and definitely project-specific. I'm trying to find a safe middle ground only. Recently, I switched to npm7(5 months old) and it took us 1 day to workaround a tiny bug of it in cli.

vospascal commented 3 years ago

"Dependency management is a tedious task" that i can agree up on for sure.