Closed nfischer closed 8 years ago
nfischer
commented
8 years ago This should be resolved by #44 (as best as I can tell, anyway). I did my best to test against node v4-6 (I installed dev deps, built the lib/ folder, and then removed everything except runtime deps).
levithomason
commented
8 years ago We should probably consider removing the polyfill, actually. It is quite large and pollutes the consumer's global scope. Node 6 supports most all of what the poyfill gives, so it will not be necessary at some point in the not too distant future. Until then, we could just write in Node 4.
levithomason
commented
8 years ago It is considered very bad practice to unpublish a package. Consider, someone may have already downloaded that version. If you do unpublish, you still cannot ever publish the same package with the same version. It is forever locked by npm, otherwise, you could have two identical packages and versions that are not the same version. Could be total chaos.
Good news, dot versions are meant for this exact thing, bug fixes. I shipped a bug fix (patch version) after merging the update.
Any new installs will have the correct and working version. Also, any existing users can install the latest package to get the fix. I think it is wise to stick to this release cycle.
For good measure, I also deprecated v0.1.0 with an appropriate message:
ariporad
commented
8 years ago 👍
On Tue, May 3, 2016 at 2:55 PM, Levi Thomason notifications@github.com wrote: It is considered very bad practice to unpublish a package. Consider, someone may have already downloaded that version. If you do unpublish [https://docs.npmjs.com/cli/unpublish] , you still cannot ever publish the same package with the same version. It is forever locked by npm, otherwise, you could have two identical packages and versions that are not the same version. Could be total chaos.
Good news, dot versions are meant for this exact thing, bug fixes. I shipped a bug fix (patch version) after merging the update.
Any new installs will have the correct and working version. Also, any existing users can install the latest package to get the fix. I think it is wise to stick to this release cycle.
For good measure, I also deprecated v0.1.0 with an appropriate message:
[https://cloud.githubusercontent.com/assets/5067638/14999600/1dea3ef4-113f-11e6-91b0-0d993c810314.png]
— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub [https://github.com/shelljs/shx/issues/43#issuecomment-216676795]
nfischer
commented
8 years ago @levithomason Awesome! Thanks for the fix.
What kind of refactor would be necessary to cut out this dep?
levithomason
commented
8 years ago Not much refactoring currently required, there is not much code. I think we use String.startsWith() somewhere for instance. That would need be some other method.
The latest release for shx is broken. It looks like
babel-polyfillshould actually be listed as a runtime dependency, not a dev dependency. It appears this is the only one so far.I would recommend removing the current release (if it's possible to remove) and replacing it with a branch that has the fix.
Also, we should investigate ways to prevent slip-ups like this in the future, if at all possible. No good ideas come to my mind right now, however, since the dev dependencies are required to build the project.