chore: remove precise locking of lodash dependency #225
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Use the caret (^) operator to allow any version of lodash with a version over the specified version (4.17.13). This means that when this package is installed alongside other packages depending on a higher version of lodash, the shared lodash dependencies can be deduped properly across all dependents. The caret also ensures that this package will not automatically upgrade to 5.x versions of lodash (the next major version).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Use the caret (^) operator to allow any version of lodash with a version over the specified
version (4.17.13). This means that when this package is installed alongside other packages
depending on a higher version of lodash, the shared lodash dependencies can be deduped properly
across all dependents.
The caret also ensures that this package will not automatically upgrade to 5.x versions of
lodash (the next major version).
If it's preferred, I can also use the tilde (~) - this will lock the version to the current minor version. I figured the caret would be okay, given that the other dependencies were locked with the caret.
Motivation: One of our applications is currently depending on multiple versions of lodash, even after using
npm dedupe. It's not terrible - this project does a good job of only using the necessary functions - but it would be nicer if we could dedupe them all. If this library were to accept other versions of lodash (which would, at least assuming semver, be backwards compatible), then this would be resolved.I hope this is okay, and useful!