package.json does not allow to use current node/npm versions

[nursoda]

When trying to build my nextcloud app on Arch, I got

npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: '@nextcloud/axios@1.9.0',
npm WARN EBADENGINE   required: { node: '^14.0.0', npm: '^7.0.0' },
npm WARN EBADENGINE   current: { node: 'v17.6.0', npm: '8.5.2' }
npm WARN EBADENGINE }

In fact, nextcloud-axios 1.9 package.json requires

	"engines": {
		"node": "^14.0.0",
		"npm": "^7.0.0"
	}

I had a hard time finding a way to downgrade everything to suit this since the latest node 14.x comes with npm 6.x, and upgrading to latest npm results in 8.5.2… I used the latest npm 7.x from node 16.10 and combined it with node 14.19 to build. However, even with these 'latest allowed' versions I get security issues from GitHub for my build. Today, latest 'Active' LTS (since 2021-10-26) for node is 16.14, which includes npm 8.3.1…

Is that constraint a technical necessity? If not, could you please also allow for newer versions, like

	"engines": {
		"node": ">=14.0.0",
		"npm": ">=7.0.0"
	}

or at least to something similar as this?

	"engines": {
		"node": "^14.0.0 || ^15.0.0 || ^16.0.0 || ^17.0.0",
		"npm": "^7.0.0 || ^8.0.0"
	}

[ChristophWurst]

a0061bd aimed for that but the automagical templates update enforce a locked version for everyone: #380

Inside this repo I'm not aware of any change that wouldn't allow newer node/npm.

cc @CarlSchwan

[nursoda]

Also see nextcloud-libraries/eslint-config#305

[CarlSchwan]

I'm totally fine reverting #380. I just tested that it still worked but if the repo supports more npm versions, we should probably expose that

[nursoda]

Not that I want to jeopardize my own request, but please note that skjnldsv points out that this change was made on purpose.