Remove peer dependency on express

[clarkie]

I'm using hapi instead of express yet I now have both installed just to use this lib. When using npm v2 peer dependencies are automatically installed.

I'm not sure if there is anything I can do to prevent having both express and hapi installed, except upgrade to npm v3.

Any thoughts?

[seanadkinson]

Yeah, I've known that was a little silly to have in there for awhile, since if someone wasn't using express, they'd get the whole package.

I think if we move it to optionalDependencies, it should not be automatically downloaded, but still have a version constraint if it is there. I'll try to throw up a branch with that so that you can give it a try.

[clarkie]

I've just had a look at this and optionalDependencies are automatically installed by default so it doesn't help unless you use the --no-optional flag when running npm install.

It doesn't feel like there's a nice solution to this. I wonder which is the most common version of npm in use? v2 or v3?

I think the biggest value of this module is the react component and lifecycle bit. Generating the signed url is the easy bit. It might be worth removing the express section completely and just improving the docs to explain what's required from the user's backend.

What do you think?

[seanadkinson]

Could also just remove the dependency altogether, since someone who is using express will naturally already have the dependency specified elsewhere. Then if you aren't using express and never import the router, it wouldn't be a problem.

[clarkie]

see #53. Let me know what you think

[seanadkinson]

Merged #53 and published v2.0.0 with this change. Thanks!