Closed mjhenkes closed 5 years ago
Why would you have another prismjs dependency? 🤔
We lock prism because it’s not just a dependency. We manipulate its source code. As you can see for example in https://github.com/wooorm/refractor/commit/568ef78f19413149428c598468bf0b1ffcdef806
We've got a big application, one component we have uses prismjs through react-syntax-hilighter which uses refractor. https://github.com/cerner/terra-core/blob/master/packages/terra-doc-template/package.json#L30 This component reads source code directly for examples embedded in our doc site.
The other component uses prismjs directly to highlight code blocks in markdown using marked. (This one is out for pull request now.
It makes sense why you lock the source code, and I'm in no hurry to upgrade. I just wanted an issue to reference. :)
Thanks @wooorm!
Refractor locks prismjs to patch versions only
Prismjs just released 1.16.0, To avoid pulling in duplicate versions of prismjs into applications could we either upgrade to the latest minor version or unlock the dependency?
For now I'll lock my other prismjs dependency to patch only.
Thanks :)