Removed npm version lock

spdy-http2 / node-spdy

SPDY server on Node.js

2.81k stars 196 forks source link

Removed npm version lock #355

Closed guilhermehn closed 4 years ago

guilhermehn commented 5 years ago

Locking the npm version leads to a regression where perfectly working versions of npm lower than 6 can't install spdy@4.0.0.

This was introduced by 4209f1ff2c385cbb6a374b736088ec2c72de96ed, probably by mistake.

guilhermehn commented 5 years ago

@jacobheun @indutny this is a blocking issue for my company because spdy is a deeply nested dependency:

└─┬ react-styleguidist@8.0.6
  └─┬ webpack-dev-server@3.1.14
    └── spdy@4.0.0

We don't have permission to update the npm running on our CI environment, so the npm version is coupled with the node version provided by nodesource (node 8).

We could turn engine-strict off, but then we would loose the package security/consistency level.

KevinRamsunder commented 4 years ago

Bump! Can we get this merged please? Related to #361

KevinRamsunder commented 4 years ago

thank you @jacobheun!

KevinRamsunder commented 4 years ago

@jacobheun can we please cut 4.0.1 to pick up this change?

🙏

jacobheun commented 4 years ago

I will reach out to the folks with npm powers for this to get a release.