Support for `versionStrategy` conformance
hamlim opened this issue · 1 comments
hamlim commented
TL;DR:
versionStrategy
added to the config file - optional- Allowed values:
'pin'
and'loose'
'loose'
is the default if not provided- Allows any kind of versioning strategy within dependencies across the monorepo, e.g. caret ranges
^5
etc...
- Allows any kind of versioning strategy within dependencies across the monorepo, e.g. caret ranges
'pin'
enforces that all dependencies must specify complete versions
- Allowed values:
Implementation:
Could technically pull in a semver matching package from somewhere, but we might be able to get around a more naive implementation, specifically checking if the dep isn't:
workspace:
link:
git:
(I think that's all of the supported special prefixes)
Otherwise, check if it doesn't begin with:
^
~
.... hmm ok as I'm reading these specs more and more I think it might be worth pulling in some kind of dependency for this: https://docs.npmjs.com/cli/v6/using-npm/semver#advanced-range-syntax
Why:
I recommend using the 'pin'
strategy - it ensures that you have consistent versions especially when some tools ignore lock files. It also makes dependency upgrades specific instead of unknown (without inspecting the lockfile).
hamlim commented
Added support in v0.2.0