Eslint-plugin-import: [deps][question] The reason of outdated packages
Hi there!
Is there any reason to keep some of your deps outdated?
For example, you have
{
"debug": "^2.6.9",
"doctrine": "1.5.0",
"read-pkg-up": "^2.0.0"
}
However, in my project, those packages are higher for most of the packages
{
"debug": "^4.1.1",
"doctrine": "^3.0.0",
"read-pkg-up": "^7.0.1"
}
Because of it, such outdated deps are loaded inside of the package itself into <package>/node_modules/
I prefer to avoid it, but it's possible only if you update your deps.
Are those deps kept outdated because of some reason or just because of a lack of time to update it?
pahan35
All 3 comments
A few thoughts:
- there is never anything inherently wrong with having a dep that's "not the latest major", code that works will likely work forever.
read-pkg-upaggressively drops support for older node versions, so we can't use a newer major; I'd prefer to see that dep removed before it's ever updated.doctrineis unmaintained, so unless there's a concrete benefit of v2 or v3 over v1, there's no reason to update itdebughas the same problem asread-pkg-up: v4 doesn't support node < 6, and iirc v3 doesn't support node < 4, so we can't upgrade to it.
ljharb
on 26 Aug 2020
@ljharb, thanks for the explanation!
As I see here, https://endoflife.date/nodejs Node v12 is the oldest LTS with active support.
Is there any reason to support the older node versions?
As I see, eslint itself actively drops support for old versions https://github.com/eslint/eslint/releases/tag/v7.0.0
Here https://github.com/TrySound/postcss-inline-svg/pull/68 is also a PR for dropping not supported node version, but it looks like that repo isn't actively maintained.
Maybe it's better to sync up the latest node support version with eslint itself, releasing drops for support with major releases?
I'm just curious about the reasons.
pahan35
on 26 Aug 2020
Yes - for one, platform support is irrelevant. People use older nodes, and thus they should be supported. Additionally, we鈥檇 have to have a semver-major to drop them, and doing that just to drop support for something is highly user-hostile.
We still support eslint 2 - 7, and thus we support all the node versions those eslint versions do, and plan to continue doing so for as close to forever as is possible, so as to support the maximum amount of humans (something that鈥檚 far more important than theoretical or actual maintenance burden)
ljharb
on 26 Aug 2020
Related issues
kentcdodds
路
3Comments
AndrewLeedham
路
3Comments
pcorpet
路
3Comments
felixfbecker
路
3Comments
migueloller
路
3Comments
Most helpful comment
Yes - for one, platform support is irrelevant. People use older nodes, and thus they should be supported. Additionally, we鈥檇 have to have a semver-major to drop them, and doing that just to drop support for something is highly user-hostile.
We still support eslint 2 - 7, and thus we support all the node versions those eslint versions do, and plan to continue doing so for as close to forever as is possible, so as to support the maximum amount of humans (something that鈥檚 far more important than theoretical or actual maintenance burden)