-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update tmp type definitions to 0.1.0 #31
Comments
This is now closed with 2.0.1 :] |
Maybe we should add |
Probably it should be a dependency. |
Yeah that sounds like a good idea. PR welcome. |
I wond add it as dependency, because it is only required if you use typescript. and you only would need it as a dev dependency |
Since tmp doesn't maintain its own types (right?) I think the reasonable thing to do would be to publish @types/tmp-promise that would rely on @types/tmp as a dependency and then people could install that as a devDependency. |
the best would be to integrate the |
@silkentrance what do you think? |
Hmm, that would mean we'd stop publishing the types ourselves. It is easier to keep the definitions up to date (as we're now type-checking them) if we maintain them in this repo and publish them as part of our own package. The @types namespace is maintained through DefinitelyTyped.
That's not true. If you use
That's a nice idea. I'd be happy to make a PR to do that. |
Why? You mean if you're shipping typescript to production and compiling on your production server? |
Normally nobody needs them for production |
Ah yes, I see. Declaring it as a dependency allows us to trigger it to be installed automatically and match the version number. Making it a dev dependency of tmp-promise wouldn't work because dev dependencies wouldn't be installed. Making it a peer dependency would be no better, as it would yield warnings for non-TypeScript users. We could make it an optional dependency, though the consumer will still need to match the version on their own. Until the types are shipped by |
This means users' production environments are at-risk because of a devDependency which I am not a fan of (imagine a faulty postinstall script for example). Honestly I think I'm fine with the status quo with the better alternative being tmp including its types which I think they're open to. |
While I appreciate this concern, for what it's worth the packages that come from DefinitelyTyped are very reputable, published through an automation chain which is far removed from individual bad actors. I don't think it is possible even through a PR review process to inject scripts into those packages. |
Please update the type definitions to
@types/tmp
0.1.0, otherwise we will get wrong typings and missingOptions
andSimpleOptions
.The text was updated successfully, but these errors were encountered: