Skip to content

Update deps + switch to fixed versions in package.json #1418

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 16, 2018
Merged

Update deps + switch to fixed versions in package.json #1418

merged 2 commits into from
Jul 16, 2018

Conversation

IvanGoncharov
Copy link
Member

No description provided.

IvanGoncharov
IvanGoncharov commented Jul 13, 2018
View reviewed changes
package.json
"@babel/preset-env": "^7.0.0-beta.51",
"@babel/register": "^7.0.0-beta.51",
"babel-eslint": "8.2.4",
"@babel/cli": "7.0.0-beta.53",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even though we use yarn I think it's better to use explicit versions in package.json.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For devDependencies you're probably right. That's definitely not true for regular dependencies, as it can cause people to needlessly download multiple compatible versions of the same library.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mjmahone Plus I'm especially paranoid after eslint recent catastrophe and it motivated this change.

mjmahone
mjmahone approved these changes Jul 16, 2018
View reviewed changes
package.json
"@babel/preset-env": "^7.0.0-beta.51",
"@babel/register": "^7.0.0-beta.51",
"babel-eslint": "8.2.4",
"@babel/cli": "7.0.0-beta.53",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For devDependencies you're probably right. That's definitely not true for regular dependencies, as it can cause people to needlessly download multiple compatible versions of the same library.

IvanGoncharov
IvanGoncharov commented Jul 16, 2018
View reviewed changes
package.json
@@ -48,34 +48,34 @@
"iterall": "^1.2.2"
Copy link
Member Author

@IvanGoncharov IvanGoncharov Jul 16, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's definitely not true for regular dependencies, as it can cause people to needlessly download multiple compatible versions of the same library.

@mjmahone Agree, iterall is the only one non-dev dependency we have and it's not pinned.

@mjmahone mjmahone merged commit 7219e51 into graphql:master Jul 16, 2018
@IvanGoncharov IvanGoncharov deleted the updateDeps branch July 18, 2018 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjmahone mjmahone mjmahone approved these changes

Assignees
No one assigned
Labels
CLA Signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@IvanGoncharov @mjmahone @facebook-github-bot