Dependencies governance

Jean-Michel FRANCOIS edited this page Dec 17, 2020 · 1 revision

Context

We use more and more libraries to provide a set of core components and guarantee the same user experience across projects.

More external libraries also means more maintenance, more security issues and more dead libraries.

To be efficient and keep the stack as light as possible (performance), we need to ensure:

  • libraries are aligned across repositories so we do not embed the same library multiple times
  • best effort not to take multiple libraries that do the same thing (e.g. react-css-transition, react-transition-group)
  • document the usage of the libraries we have, and share best practices and issues

For all these reasons we will open a track on frontend dependencies governance.

Brainstorming:

  • define the next target (breaking changes) as soon as possible
  • remove dependencies when possible
  • when a dependency is dead we may fork it under the @talend namespace to update it

Example with d3.

The d3 library is used across multiple projects. d3 itself is split into multiple libraries: d3-shape, d3-drag, d3-array. What about dependency alignment?

Recharts depends on some of the d3-* packages, but if you look closer you will see they are not aligned with a currently existing version of d3. https://github.com/recharts/recharts/blob/master/package.json

What should be done?
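One way to check the alignment and overlap rules above across repositories, as an added example (not code from this wiki or its projects). The repository names, versions and the `equivalents` list are constructed assumptions; only the react-css-transition / react-transition-group pair and the d3-* names come from the page.

```javascript
// Constructed sample manifests (not real project files): one entry per repository.
const manifests = [
  { repo: 'app-a', pkg: { dependencies: { d3: '^5.16.0', 'd3-shape': '^1.3.7', 'react-transition-group': '^4.4.1' } } },
  { repo: 'app-b', pkg: { dependencies: { 'd3-shape': '^2.0.0', 'react-css-transition': '^0.7.4' },
                          devDependencies: { 'd3-scale': '^3.2.3' } } },
  { repo: 'ui-lib', pkg: { peerDependencies: { d3: '^5.16.0' }, dependencies: { 'd3-scale': '^3.2.3' } } },
];

// Libraries treated as doing the same job (assumed list; the pair is the page's example).
const equivalents = [['react-css-transition', 'react-transition-group']];

const FIELDS = ['dependencies', 'devDependencies', 'peerDependencies'];

// Build: package name -> declared version range -> set of repos declaring it.
function indexRanges(manifests) {
  const index = new Map();
  for (const { repo, pkg } of manifests) {
    for (const field of FIELDS) {
      for (const [name, range] of Object.entries(pkg[field] || {})) {
        if (!index.has(name)) index.set(name, new Map());
        const byRange = index.get(name);
        if (!byRange.has(range)) byRange.set(range, new Set());
        byRange.get(range).add(repo);
      }
    }
  }
  return index;
}

// Packages declared with more than one distinct range across repositories.
function findMisaligned(manifests) {
  const report = {};
  for (const [name, byRange] of indexRanges(manifests)) {
    if (byRange.size < 2) continue; // every repo agrees on the range
    report[name] = Object.fromEntries([...byRange].map(([r, repos]) => [r, [...repos].sort()]));
  }
  return report;
}

// Groups of equivalent libraries where more than one member is in use.
function findOverlaps(manifests, groups) {
  const index = indexRanges(manifests);
  return groups.map((g) => g.filter((name) => index.has(name))).filter((used) => used.length > 1);
}

console.log(JSON.stringify({ misaligned: findMisaligned(manifests), overlaps: findOverlaps(manifests, equivalents) }, null, 2));
```

The check compares declared ranges as strings; the versions actually installed are decided by each repository's lockfile.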

  • contact authors by creating an issue
  • create pull requests to fix the issue we have