TechToThePeople/node-civicrm

Dependencies rely on forwards compatibility

Closed this issue · 4 comments

Currently the dependencies of this module assume all future versions of the required modules will be compatible:

"async": ">=0.2.9",
"qs": ">=0.5.0",
"request": ">=2.22.0",
"underscore": ">=1.2.3"

The qs module has moved to requiring ES6 in its latest version, which breaks the widely deployed node 0.10.x release. That may or may not concern you personally (although I'm stuck forking your module to get around it), but as it's written, your dependencies would allow versions that are not API compatible with the way you're using these modules at all.

I recommend you set your dependencies more conservatively, for instance using '0.5.x' or '~0.5.0' to ensure that you get patchlevels in the 0.5.x series of qs, and '^1.2.3' to keep getting updates in the 1.x.y series of underscore (since it is semver compliant and won't break bc without changing the major version number). Otherwise your code will at some point stop working, even in the latest node, as the APIs of the modules you depend on change.

(P.S. Thanks for this excellent and useful module.)
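The difference between the ranges discussed above, as an added example that is not part of the original issue or the module's code. It is a minimal range check written for illustration (not the npm `semver` package) that handles only the four range forms quoted in the issue and ignores prerelease tags; the function names and the sample versions other than qs 6.0.0 are constructed.

```javascript
// Added example: minimal semver range check for the forms quoted in the issue:
// ">=a.b.c", "~a.b.c", "^a.b.c" and "a.b.x". Prerelease tags are not handled.
function parse(v) {
  return v.split('.').map(Number);
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Returns [lower, upper) bounds; upper === null means the range never closes.
function bounds(range) {
  let m;
  if ((m = /^>=(\d+\.\d+\.\d+)$/.exec(range))) return [parse(m[1]), null];
  if ((m = /^~(\d+\.\d+\.\d+)$/.exec(range))) {
    const lo = parse(m[1]);
    return [lo, [lo[0], lo[1] + 1, 0]]; // patch updates only
  }
  if ((m = /^\^(\d+\.\d+\.\d+)$/.exec(range))) {
    const lo = parse(m[1]);
    // Caret keeps the leftmost non-zero component fixed.
    if (lo[0] > 0) return [lo, [lo[0] + 1, 0, 0]];
    if (lo[1] > 0) return [lo, [0, lo[1] + 1, 0]];
    return [lo, [0, 0, lo[2] + 1]];
  }
  if ((m = /^(\d+)\.(\d+)\.x$/.exec(range))) {
    return [[+m[1], +m[2], 0], [+m[1], +m[2] + 1, 0]];
  }
  throw new Error('unsupported range: ' + range);
}

function satisfies(version, range) {
  const [lo, hi] = bounds(range);
  const v = parse(version);
  return cmp(v, lo) >= 0 && (hi === null || cmp(v, hi) < 0);
}

// Audit helper: names of dependencies whose range has no upper bound.
function unboundedDeps(deps) {
  return Object.keys(deps).filter((name) => bounds(deps[name])[1] === null);
}

// The dependency block quoted in the issue.
const issueDeps = { async: '>=0.2.9', qs: '>=0.5.0', request: '>=2.22.0', underscore: '>=1.2.3' };
console.log('unbounded:', unboundedDeps(issueDeps).join(', '));
console.log('qs 6.0.0 under >=0.5.0:', satisfies('6.0.0', '>=0.5.0'), '| under ~0.5.0:', satisfies('6.0.0', '~0.5.0'));
```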

There's quite a lot of drama around this:

ljharb/qs#139

I respect the author's decision to make qs an ES6 module in version 6.0.x, but since your module's 2.x releases worked in ES5 until the update of qs, I would suggest that you set your dependencies more conservatively as a "fix" for version 2.x, and start a 3.x series if you are interested in being ES6-only in future.

tttp commented

thanks for the PR... and sorry for the delay ;)(