chore: updating peerDependencies#28
Conversation
|
The PR didn't update the package-lock file. Fixed it on main now and released 2.0.7. Constantly updating the peerDependency sucks, but not declaring a dependency and just injecting it sucks as well since it can lead to runtime failures. Not sure what a good way to handle this is. Do you have any suggestions @igorescobar ? |
|
Hey @jwagner! Sorry about that and thanks for fixing it and releasing it. Yeah, If I were you... I would probably be more permissive with the version matching since its very unlikely that with new minor releases smartcrop would break, try something like: Any version after 0.30 but lower than v1. This would safeguard it for future updates without being super strict I guess 👍 |
|
Meanwhile, what I did to work around it was adding this to my package.json: "overrides": {
"smartcrop-sharp": {
"sharp": "$sharp"
}
}, |
|
Might actually also be worth asking Lovell why sharp is still at a major of zero after all this time and what his interpretation of semver is. It could be that he doesn't interpret it as
I guess another option would be to just set up a recurring action that updates and releases if the tests pass. Need to think about it a bit. |
Making sure we can still install it with more recent versions of sharp.