node-unzipper icon indicating copy to clipboard operation
node-unzipper copied to clipboard

Published 20 hours ago verified publisher icon ZJONSSON

Relaxed versions? (Please chime in if you are using unzipper)

Open daveisfera opened this issue 6 years ago • 5 comments
trafficstars

Would it be possible to use ^ instead of ~ for the versions so it's less likely that multiple versions of dependencies needing to be installed?

daveisfera avatar Aug 21 '19 19:08 daveisfera

Thanks for voicing this. I have to admit I am bit on the fence here. Ideally I want to make sure that nothing breaks if any of the dependencies are upgrade and restriction to patch is probably the best way to defend against that. On the other hand, minor versions should be backwards compatible, but there is always a possibility that is not the case (certainly more likely than a patch breaking)

Is there any consensus or material you can reference to best practices here? I do agree that limiting unnecessary copies of dependencies is a worthy goal, but stability is critical.

In the meantime, if you feel we are behind on any of the dependencies, please feel free to do a PR

ZJONSSON avatar Aug 22 '19 21:08 ZJONSSON

Unfortunately, I don't have a single best practices document for settings versions that I can point you to for maintaining npm modules, but lock file in yarn and the similar changes in npm that that spurred have made it possible for this to be something that the user of the module can control since specific versions are locked down. So the community seems to be driving toward "use ^ (minor version control) unless you have a compelling reason to use ~ (point version control) or specific version control" so the user of the module has control and flexibility.

(On a related note, if you have a compelling reason to use something other than ^ than it's probably a bug in a dependency that should be reported and hopefully fixed)

daveisfera avatar Aug 22 '19 21:08 daveisfera

That makes sense - I was taking guidance from libraries like express but I guess the standard for express was set a long time ago. react on the other hand uses ^ for almost everything

ZJONSSON avatar Aug 22 '19 21:08 ZJONSSON

I've been trying to get our dependency tree to be smaller and I actually just opened this same type of issue with express

daveisfera avatar Aug 22 '19 22:08 daveisfera

Thoughts on this? If I submit a PR to switch to using ^ instead of ~ would it be accepted?

daveisfera avatar Sep 15 '19 04:09 daveisfera