Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Is the peer dependency on graphql exactly 15.5.1 on purpose? #355

Closed
badrange opened this issue Sep 9, 2021 · 3 comments · Fixed by #357
Closed

Is the peer dependency on graphql exactly 15.5.1 on purpose? #355

badrange opened this issue Sep 9, 2021 · 3 comments · Fixed by #357

Comments

@badrange
Copy link

badrange commented Sep 9, 2021

I noticed that the peer dependency on graphql was changed from ^15.5.0 to 15.5.0 in #350. Was the change from depending on a minor release to an exact patch release done on purpose?

If I install graphql-relay to a project which already has the most recent version of graphql installed it will require me to downgrade to an older graphql version that is depending on another project that has a security release.

@saihaj
Copy link
Member

saihaj commented Sep 10, 2021

I think only major version should be locked for peer deps to avoid this issue. I have opened a PR will try to get a release out soon. cc @IvanGoncharov

@oliversalzburg
Copy link

I've been wondering about this as well. It forces us into an overly specific set of outdated dependencies for apparently no good reason.

@badrange
Copy link
Author

Thank you for the quick reaction! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants