Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unnecessarily narrow range for React peer deps #808

Closed
4 tasks done
MartinCupela opened this issue Jan 10, 2024 · 7 comments
Closed
4 tasks done

Unnecessarily narrow range for React peer deps #808

MartinCupela opened this issue Jan 10, 2024 · 7 comments
Labels
🙋 no/question This does not need any changes 👎 phase/no Post cannot or will not be acted on

Comments

@MartinCupela
Copy link

Initial checklist

Affected packages and versions

v9.*

Link to runnable example

No response

Steps to reproduce

  1. Have project with React 16.8 / 17
  2. Install the latest version of react-markdown with npm 7+

Node: v20
NPM: v10

Expected behavior

Allow to install latest version of react-markdown to projects running on React v16.8 and higher.

At the moment yarn allows to install the react-markdown version 9 and the code runs without issues in projects running on React v16.8 / v17.

Actual behavior

The installation with npm crashes and complains about unmet peer dependency:

npm install react-markdown
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! 
npm ERR! While resolving: test@1.0.0
npm ERR! Found: react@16.14.0
npm ERR! node_modules/react
npm ERR!   react@"16.14" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer react@">=18" from react-markdown@9.0.1
npm ERR! node_modules/react-markdown
npm ERR!   react-markdown@"*" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

Runtime

No response

Package manager

No response

OS

No response

Build and bundle tools

No response
@github-actions github-actions bot added 👋 phase/new Post is being triaged automatically 🤞 phase/open Post is being triaged manually and removed 👋 phase/new Post is being triaged automatically labels Jan 10, 2024
@wooorm
Copy link
Member

wooorm commented Jan 10, 2024

It’s intentional: https://github.com/remarkjs/react-markdown/releases/tag/9.0.0. You should update.

@wooorm wooorm closed this as completed Jan 10, 2024
@wooorm wooorm added the 🙋 no/question This does not need any changes label Jan 10, 2024
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@github-actions github-actions bot added 👎 phase/no Post cannot or will not be acted on and removed 🤞 phase/open Post is being triaged manually labels Jan 10, 2024
@ChristianMurphy
Copy link
Member

Adding on.
react-markdown generally aims to support actively maintained platforms and libraries.
Node is has a well documented release and support cycle https://github.com/nodejs/Release#release-schedule and we support active and maintainance LTS releases.
React is a bit fuzzier https://react.dev/community/versioning-policy, from this comment from the maintainer team only latest release has active support reactjs/react.dev#1745 (comment)

Speaking for myself, I have no interest working around bugs that will never be fixed in unsupported releases of React, Node, etc.

I'd second @wooorm's recommendation above.
Upgrading to the actively supported React version would be the most secure and best maintained option.

@remcohaszing
Copy link
Member

Adding on further, react-markdown uses the JSX automatic runtime, which was broken before React 18.

@MartinCupela
Copy link
Author

Thank you for the explanation. In our case we are using this lib in our SDK that is further used by other clients that are reluctant to upgrade their React. So we are in a bit of a pickle here 😄

@ChristianMurphy
Copy link
Member

ChristianMurphy commented Jan 10, 2024
edited

In our case we are using this lib in our SDK that is further used by other clients that are reluctant to upgrade their React.

How you message this to your customers is of course your choice.

  • You could continue to use react-markdown version 8, which supports react version 16, with the understanding that neither react version 16 nor react-markdown version 8 are supported
  • You could upgrade to react-markdown version 9 and encourage your customers to migrate to react version 18

So we are in a bit of a pickle here

I understand and sympathize.
As an independent open source project, the support matrix is determined at an organization level by the maintainer team based on best practices and bandwidth of maintainers. Not by promises made by the sales team/developer relations team of an enterprise/company unaffiliated with the project.
I hope you understand the frustration that comes when sizeable enterprise focused requests are sent to open source projects, especially from companies that are neither contributing to or supporting the project.

If an organization is interested in supporting maintenance of the project and/or hours for support, there's more info at:

My obligatory reminder, as even well meaning folks often forget, that in open source, in the terms of every project:

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED

@MartinCupela
Copy link
Author

I did not intend to persuade you with my last comment. Your explanation makes total sense and I am thankful you found the time to write it. What I wrote was a small rant 🙂

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🙋 no/question This does not need any changes 👎 phase/no Post cannot or will not be acted on
Milestone
No milestone
Development

No branches or pull requests
4 participants
@remcohaszing @wooorm @ChristianMurphy @MartinCupela