Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pinning react version 15.6.2 #1142

Merged
merged 1 commit into from
Oct 11, 2017
Merged

Pinning react version 15.6.2 #1142

merged 1 commit into from
Oct 11, 2017

Conversation

luisrudge
Copy link
Contributor

@luisrudge luisrudge commented Oct 11, 2017

We can't reliably make this library available in both react@15 and react@16 without changing react and react-dom to peerDependencies. Since this would break everyone moving forward, we decided to pin version ^15.6.2 in this library.

Copy link
Contributor

@aaguiarz aaguiarz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

@luisrudge luisrudge merged commit c3749ef into master Oct 11, 2017
@luisrudge luisrudge deleted the fix-downgrade-react-version branch October 11, 2017 21:14
@luisrudge luisrudge mentioned this pull request Oct 12, 2017
@jglover
Copy link

jglover commented Jan 8, 2018

Are there plans to release a react 16 compatible package?
There are drawbacks to using yarn resolutions and for end users the change back and forth is breaking.
Being locked to react 15 is no good for users who have already (or need to) upgrade. it's putting users in a position to choose between staying on auth0-lock 10.21.x and using yarn resolutions for react.

@luisrudge
Copy link
Contributor Author

What are the drawbacks of using the resolutions field?

@jglover
Copy link

jglover commented Jan 15, 2018

Probably best covered by the original RFC & its conversation.
It's essentially a manipulation on yarn.lock and can have unintended consequences,
the impression they give is that it's for dire situations like security updates where package authors haven't yet had time to update.

There's no support for it in npm (granted yarn is more widely in use now, and personally I prefer it), but this is forcing end users to use yarn exclusively for now; that's not always desirable/possible.
It might sound petty but it can leave projects in a position where auth0-lock is the only package preventing them from using conventional dependencies with react 16, if yarn were to deprecate or modify resolutions behaviour it could be an issue.
React 16 has been out almost 6 months, it seems that compatible packages would be a good middle ground for now.

@luisrudge
Copy link
Contributor Author

I understand what you're saying and I can see your point clearly. We understand the trade offs (no npm support or people might not know about yarn resolutions), but we're in a tough spot to solve the issue. We should move to peer dependencies, but we can't do that without releasing a new major version and major reviews of our docs, samples and quickstarts. We just can't dedicate the time to doing that right now. Rest assured we will fix this situation, but, considering we have a clear and simple workaround (resolutions or cdn), we are focusing on more important and valuable things right now. The benefit of waiting a bit more is that more and more projects will upgrade to react@16, which will make our job a bit easier 🎉 . Once we upgrade to react@16, we will suggest people still using react@15 as well, so they can have more time to upgrade.

Again, I'm sorry this is not the answer most of react@16 users want to read, but it is the place that we encounter ourselves right now.

@corysimmons
Copy link

Happy so long as you guys have it on a roadmap somewhere. 🤤

@luisrudge
Copy link
Contributor Author

We'll absolutely fix this in the next major!

@luisrudge luisrudge mentioned this pull request Dec 7, 2018
9 tasks
@luisrudge luisrudge mentioned this pull request Aug 30, 2019
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants