Bump package-lockfile to v3 #7099
Conversation
birkskyum
force-pushed
the
bump-package-lockfile-v3
branch
from
f0dd5ff to
578f9a1
Compare
|
What are the benefits of a lock file v3? |
|
Mainly that it's half the size, which makes it faster to read/modify, and reduces conflict |
|
What are the minimum npm & node required versions that support lock file v3? |
|
I believe it's minimum npm v9. Node 18 comes with npm 10, and I think node 16 comes with npm 8 |
|
Okay. It'll not change the bundle one byte though, so I don't see how it can break for any users. |
We have users that use this custom bundle script to generate custom bundles. If they still use node.js v16 in their system I think we should allow them to continue for a bit longer. No? @alexcjohnson What do you think? |
|
Aha, intersting. @archmoj I've just tried with npm v8 (shipped with node 16), and fortunately it's perfectly capable of consuming a lockfile v3. Even npm v7 can consume it, it just rewrites it to a lockfile v2, but it does not break. |
|
Given that we can support users back to npm v7 (older node 16 versions) I think it's reasonable to make this switch now and not consider it a breaking change. It'll require contributors to be on later node/npm versions at least if they're touching dependencies, but that's fine, we've never considered contributor requirement changes as breaking. Also I'll note we already describe later node/npm as a requirement for custom bundling: Lines 4 to 7 in 74dedd4 |
gvwilson
added
P1
birkskyum
force-pushed
the
bump-package-lockfile-v3
branch
from
578f9a1 to
ff8f5ec
Compare
|
Rebased, after the addition of biome. |
No description provided.