New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unlock dependencies #145
Comments
Realistically, This is a common problem throughout the PostCSS plugin ecosystem. |
Now that postcss is a peer dependency, this throws a warning; with npm 7, it becomes a hard stop. Making the peer dependency on postcss |
fixed in 10.1.0 |
No. This is still an issue: Lines 26 to 29 in 18ecf75
|
With #156 this is now much improved as it uses the |
Improved but not solved. You should still be trusting dependencies' ability to respect semver & only introduce breaking changes in new major versions. The changes here collect all patch updates, but still require that you/the maintainers here manually update the minor versions (even if new the features aren't used). Otherwise, this package will still be pulling in old & outdated versions of packages during Closing as it's an improvement. |
Right :) "you" as in if you're willing to keep opening PRs haha |
All dependencies are pinned to exact versions - including
postcss
This means that anyone using
postcss
+postcss-url
today will have 2+ copies of PostCSS active in their toolchain.The text was updated successfully, but these errors were encountered: