Upgrade Chokidar from 2.0.0 to 3.0.0 #41
Conversation
|
It drops support for our support matrix. This would be a breaking change for us. |
|
Oh I see. Why is Gulp supporting Node.js down to This has the side effect of not updating any dependencies (since most libraries support only |
|
Because gulp 4 was in development before iojs even happened and a not insignificant amount of users are stuck on node 0.10 We take security notices very seriously, and even take on dependencies in our chain so we can maintain our support matrix. Gulp is a development tool so many security alerts don't affect it the way they would in production/server environments. |
|
Just out of curiosity, how do you keep track of Gulp users Node.js versions? For reference, last year's Node.js downloads by version:
|
|
I have notifications set for all sorts of projects that indicate the level of node 0.10/0.12 users, especially when those projects accidentally break those users within their semver range. |
|
Where do you get this data from? I am curious because I would like to know for my own projects (and I don't want to make analytics HTTP requests, for privacy reasons). The Edit: oh I guess maybe you are checking dependent packages (which is given by |
|
I'm not sure what information npm collects or provides but one indicator I use is issues on popular stream modules. In one instance, through2 accidentally broke old node support without a major bump and users created/commented on an issue about it. |
|
Yes exactly that was my guess: through GitHub issues. But that's not so representative as it emphasizes outliers. Namely if you have 10 users on an old Node.js version, you will hear from them, but not from the 10000 users that are on newer versions. I just wished |
This comment has been minimized.
This comment has been minimized.
|
@simison no, that's not how semver works. You have to bump whole major version for breaking changes. |
Chokidar 3.0.0 is mostly a big refactoring with several bug fixes.