Remove BrowserSync

[nicholasio]

Is your enhancement related to a problem? Please describe.

BrowserSync doesn’t seem to be actively maintained anymore and also has a severe vulnerability (engine.io) and there’s no way for us to update the dependency with the security vulnerability.

Now that #150 is merged and provides a much better experience. We should remove browser-sync from 10up-toolkit.

The proper way to do this would be to cut a major release but I m also not sure how actively BrowserSync is being used across 10up engineers.

Designs

No response

Describe alternatives you've considered

Remove browser-sync in the next minor version release but still provide an easy way to opt-in by manually installing BrowserSync. 10up-toolkit would then detect if the package was installed and then run browser sync in watch mode.

#159 removes it but still supports it if the packages are installed at the project level. I like this idea because it removes a problematic package with known high severe security issues while still providing an easy way for projects to get it working in case they can't migrate to --hot immediately.

Thoughts @joesnellpdx and @devinle

Code of Conduct

• I agree to follow this project's Code of Conduct

[nicholasio]

This has been included the v3 major release.

For those who still wants to use browser-sync, you will need to add browser-sync and browser-sync-webpack-plugin as dev deps to your project manually.