Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DEP Update JS dependencies #101

Merged
merged 1 commit into from
Nov 24, 2021

Conversation

emteknetnz
Copy link
Member

@michalkleiner
Copy link

Just to confirm, @emteknetnz, updating the package.json file isn't necessary to get the updates that are in the yarn.lock file, right?

Just wondering if this is the case of running a generic yarn upgrade or whether it's specifically about the @silverstripe/eslint-config package, in which case we wouldn't need the package.json update at all, or could as well update all other constraints to their latest.

@emteknetnz
Copy link
Member Author

It seemed like the caret ^ on 0.0.x versions may not actually do anything, hence why I bumped it

@michalkleiner
Copy link

michalkleiner commented Nov 23, 2021

TIL from https://github.com/npm/node-semver#caret-ranges-123-025-004

^ allows changes that do not modify the left-most non-zero element in the [major, minor, patch] tuple.
... and no updates for versions 0.0.X.

In that case I wonder if there's a way how to update only the single dependency and its nested dependencies and not update other stuff, similarly to the difference between what composer require single/package:version vs composer update does, and whether we care in the ever-changing world of npm package versions.

@emteknetnz
Copy link
Member Author

@maxime-rainville ^ might be worth releasing eslint 0.1.0 for this reason so that the caret actually does something

@maxime-rainville
Copy link

In SEMVER, the >=0.0.0 <1.0.0 interval has a special meaning and set of rules. Going from 0.1.0 to 0.2.0 is considered a major release. So if you have a composer constraint like ^0.1.0, it will let you installed 0.1.2 but not 0.2.0.

NPM works the same way.

I can release @silverstripe/eslint-config: 0.1.0 if you want, but you'll have to update the constraint for it to be installable.

@emteknetnz
Copy link
Member Author

emteknetnz commented Nov 23, 2021

Yeah I think release it, I'm happy to update all the various package.json's on all the modules (at a slightly later date)

Copy link

@maxime-rainville maxime-rainville left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@maxime-rainville maxime-rainville merged commit 122488f into silverstripe:4.4 Nov 24, 2021
@maxime-rainville maxime-rainville deleted the pulls/4.4/js branch November 24, 2021 04:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants