Feature Request: Ignore just major version updates

[luanmuniz]

trafficstars

The problem that i have is the following:

I'm developing an AWS Lambda function and using joi and lab, but the recent versions don't support node v6.10, which is the newest version in AWS Lambda.

For example joi, i need to use v12.0.0 instead of v13.0.1.

What i want is to ignore just major version updates, so if [email protected] is released i want to know, but if [email protected] come out, i don't want to be notified because its not compatible with my stack.

[jpaulin]

Really interesting, you know, I thought that this case was covered. But I think the so-called 'caret' comparison is not in 'david' at the moment. Hmm... @alanshaw As simple to implement as I would imagine? I'd be curious to get just your ballpark / gut feeling on this one, as you know David very well :)

[luanmuniz]

Hi guys, any plans for this one? Thanks for the attention!

[jpaulin]

@luanmuniz Whipping up something, soon.

[usmanbuilds]

Any update on this? Would be a useful addition.

[jpaulin]

Plan:

• think "good version ranges" and "bad ranges" (it's very binary!)
• good version range is equal to: all - exclusions (all minus exclusions)
• exclusions = U{good.any.any} (universe except the "good version range")
• U = universe of semver versions in x.y.z format
• if "latest available" of package is within a "good range", suggest it to user / update automatically

Important practical consideration: mind the CI pipelines

Especially since david might be used in Continuous integration pipelines... note:

• verify that existing "david" users are not disturbed, ie. things work opt-in way. If David itself is updated on a CI, the CI process does not go awry due to the update

• if user decides to use the new feature, they can ignore ranges (ie. just as mentioned in example)

Practicalities

• exclusions comes from command line options, or similar (david standard way of configuration)
• obey package.json as usual