smartcrop-sharp icon indicating copy to clipboard operation
smartcrop-sharp copied to clipboard

Published 20 hours ago verified publisher icon jwagner

chore: updating peerDependencies

Open igorescobar opened this issue 2 years ago • 4 comments

Making sure we can still install it with more recent versions of sharp.

igorescobar avatar Jan 07 '23 20:01 igorescobar

The PR didn't update the package-lock file. Fixed it on main now and released 2.0.7.

Constantly updating the peerDependency sucks, but not declaring a dependency and just injecting it sucks as well since it can lead to runtime failures. Not sure what a good way to handle this is. Do you have any suggestions @igorescobar ?

jwagner avatar Jan 08 '23 12:01 jwagner

Hey @jwagner! Sorry about that and thanks for fixing it and releasing it. Yeah, sharp releases minor versions quite often and it must be hard to keep track of it.

If I were you... I would probably be more permissive with the version matching since its very unlikely that with new minor releases smartcrop would break, try something like:

"peerDependencies": {
    "sharp": ">=0.30.0 < 1"
  },

Any version after 0.30 but lower than v1. This would safeguard it for future updates without being super strict I guess 👍

igorescobar avatar Jan 08 '23 13:01 igorescobar

Meanwhile, what I did to work around it was adding this to my package.json:

"overrides": {
    "smartcrop-sharp": {
      "sharp": "$sharp"
    }
  },

igorescobar avatar Jan 08 '23 13:01 igorescobar

Might actually also be worth asking Lovell why sharp is still at a major of zero after all this time and what his interpretation of semver is. It could be that he doesn't interpret it as

initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.

I guess another option would be to just set up a recurring action that updates and releases if the tests pass. Need to think about it a bit.

jwagner avatar Jan 08 '23 17:01 jwagner