You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
@mikeal i've been reading on the issues of bundleDependencies including #313 , and now I see you've ditched them. I have 2 reasons to go towards bundling (1. have a local registry, and not make any external requests 2. some deps owners have breaking changes to their pkg, and even delete versions), but reading up on bundling, I see many issues.
The reason will be displayed to describe this comment to others. Learn more.
bundling deps is great for deployable applications. this solves the "things can change in the registry" problem and it also gives you git diffs of all the changes you take in your deps. but for library maintainers its a huge pain in the ass. as the library maintainer i'm trusting other package maintainers i depend on a little more than you should deploying this with your application and that's really the only stable way to maintain all the modules in this giant ecosystem. that does not mean that you should share my optimism about the packages included in request and should still check the deps you pull in to the git repo of your application and evaluate the changes made.
6f0f8c5There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mikeal i've been reading on the issues of bundleDependencies including #313 , and now I see you've ditched them. I have 2 reasons to go towards bundling (1. have a local registry, and not make any external requests 2. some deps owners have breaking changes to their pkg, and even delete versions), but reading up on bundling, I see many issues.
Any experience sharing is highly appreciated.
6f0f8c5There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bundling deps is great for deployable applications. this solves the "things can change in the registry" problem and it also gives you git diffs of all the changes you take in your deps. but for library maintainers its a huge pain in the ass. as the library maintainer i'm trusting other package maintainers i depend on a little more than you should deploying this with your application and that's really the only stable way to maintain all the modules in this giant ecosystem. that does not mean that you should share my optimism about the packages included in request and should still check the deps you pull in to the git repo of your application and evaluate the changes made.
6f0f8c5There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Point taken. Thank you, Mikeal