Ariakit, used as a prod dependency, should have its version pinned instead of allowing a range
frankieyan opened this issue ยท 0 comments
frankieyan commented
๐ Bug report
Current behavior
Discovered in @scottlovegrove's personal project, when Reactist is installed as a dependency, newer versions of Ariakit with breaking changes can end up being installed. This is because Ariakit uses prerelease tags, and the caret semver range does not prevent upgrades between them: ref
Breaking change introduced in:
ariakit/ariakit#1521
https://github.com/ariakit/ariakit/releases/tag/ariakit%402.0.0-next.32
Steps to reproduce the bug
- Install Reactist in another project. You should see a version of Ariakit newer than
2.0.0-next.27
to be installed.
Expected behavior
We should explicitly declare Ariakit versions we are using