- Some dependabot updates.
- Babel parsing exceptions now handled more gracefully.
In the past, I've simultaneously bumped the versions of all the Stopify
packages. This time, I've only bumped @stopify/stopify to 0.7.4, and
all its dependencies remain at 0.7.3.
However, I am really confused about the semantics of yarn.lock.
We have a shared yarn.lock for all Stopify packages. Dependabot pushed
some updates to this file which are part of this release:
However, since it is a shared yarn.lock, I can't easily tell which of these
dependencies belong to which project. Moreover, they are mostly transitive
dependencies that we have never directly imported! So, do I need to think
more carefully and potentially publish new versions of the other packages?
Or, do I not need to think about this at all?