greenkeeper icon indicating copy to clipboard operation
greenkeeper copied to clipboard

Published 20 hours ago verified publisher icon greenkeeperio

minor/patch updates only for a package

Open sminnee opened this issue 8 years ago • 6 comments

Right now it seems as though greenkeeper pushes updates that skip major versions.

Under semver, major releases break APIs, and so my code will likely break because of this.

Is it possible to tell greenkeeper to only push patch and minors updates, and leave the major version as-is?

sminnee avatar Sep 10 '16 04:09 sminnee

I wish that there was a way to have Greenkeeper stop trying to upgrade us to Vue 2.x when we're still on Vue 1.1.x as we're not in a place to upgrade yet.

jbrooksuk avatar Nov 24 '16 09:11 jbrooksuk

I need to stay on @types/node 6.x.x since I need to support v6, but I don't want to ignore it completely (the version is pinned because they may break in patch versions)

felixfbecker avatar Jun 26 '17 12:06 felixfbecker

Seeing that the motivation behind Greenkeeper is to keep your dependencies up to date, it makes sense for Greenkeeper to send in PRs for breaking semver releases. The motivation here is that you will update your source with the new API so you can use the latest version of the dependency.

If you only want minor/patch updates then this defeats the purpose of Greenkeeper. Just specify a carat in your dependency's version range; all clients will by default install the latest version within the major release version.

LINKIWI avatar Aug 08 '17 15:08 LINKIWI

@LINKIWI no, it doesn't. Greenkeeper is also for detecting in-range semver breakages and also already offers the ignore option. A dependency can have a peerDependency on another dependency or on your environment, and then the version you need is dictated by that other version which needs to be upgraded first. Upgrading just the peer dependent, e.g. @types/node without updating the actual Node version in Travis and production serves no purpose, but you still want Greenkeeper to be aware of minor and patch releases.

felixfbecker avatar Aug 08 '17 15:08 felixfbecker

The use-case of this was to be able to put specific non-caret dependencies in a project and let greenkeeper manage the upgrades.

This means that we can bump dependencies explicitly rather than having everyone in our user community get packages automatically.

Since raising this ticket we've started using yarn; it's lock features are reliable enough to serve this use-case.

sminnee avatar Aug 09 '17 21:08 sminnee

I wish that there was a way to have Greenkeeper stop trying to upgrade us to Vue 2.x when we're still on Vue 1.1.x as we're not in a place to upgrade yet.

Would it be helpful if we would allow to not only ignore package names, but package names with version numbers? E.g. something like this?

  "greenkeeper": {
    "ignore": ["vue > 1"]
  }

Not making any promises, just gathering more opinions :)

gr2m avatar Aug 17 '17 04:08 gr2m