Auth package versions documentation

[domvernon]

👋 I think I've noticed some things whilst working with auth recently (swapping netlify identify for Clerk!) and hopefully my understanding is correct. Most of these might be down to documentation, but I know this is due for an overview at some point so this issue might just serve as more of a reminder of things to think about.

• When talking about setting auth up manually and not using the cli, yarn add @redwoodjs/auth is used. This will always add the latest version of the package. It isn't immediately obvious if this is ok and the auth package can be versioned independently, or should be kept the same as per all the other packages.
• Also when setting up manually, the default behaviour of the yarn add command seems to be to add the caret modifier eg "@redwoodjs/auth": "^0.41.0". This is different from the yarn rw setup auth <provier> command which adds an exact version. Again, this may be intentional, but not immediately obvious why.

[jtoar]

Hey @domvernon sorry for the late response!

isn't immediately obvious if this is ok and the auth package can be versioned independently, or should be kept the same as per all the other packages.

Great point—you definitely can't use a different version of the auth package (or any for that matter). To make it worse, when you use a different version, things only subtly break.

Also when setting up manually, the default behaviour of the yarn add command seems to be to add the caret modifier eg "@redwoodjs/auth": "^0.41.0". This is different from the yarn rw setup auth command which adds an exact version.

Another great point. We should make the behavior consistent.

Would you be up for taking this on? No pressure—if not I can shop it out, but wanted to give you first dibs. As you said in your OP, this would most likely be fixed via docs.