Bower version control best practice?

I am wondering how can I ensure that my bower version configuration will work in the future? For example. I've already touched on a few projects that either say to use

">=1.0.0"
"~1.0.0"

      

Afaik

">=" tells that all versions above 1.0.0 are fine
"~"  tells all versions/minor updates on 1.0.x are fine

      

More specific:

"dependencies": {
  "angular": ">=1.3.0",
  "bootstrap": ">=3.2.0",
  "jquery": "~2.1.0",
}

      

On the day this code was written, the following version of the config was included:

angular:   1.3.1
bootstrap: 3.2.0
jquery: 2.1.0

      

today you will include:

angular:   1.4.0
bootstrap: 3.3.4
jquery: 2.1.4

      

From a lib developer integration point of view, these features are great early on in development. You don't have to mess with painful library and version dependency management. But once it's tested, the version needs to be patched for specific versions.

I have already touched on a few projects that crashed after a very short period of 3 months as the libraries were updated to different versions that are either incompatible with each other or some of them got corrupted. So, either the build didn't work anymore, or worse, the problems arise on the client side.

What's the best practice to get rid of such version issues in long term projects?

+3


source to share


2 answers


Not at the moment if your only option is a gazebo. The lockfile

a la composer

or a la shrinkwrap

mechanism npm

is in the works , however it seems to have stalled as there are not enough contributors or maintainers at this time to test the feature and save it eventually.



UPDATE:
Since we now have yarn , you can use this using the locking mechanism as the default behavior. The only caveat is that it uses a registry npm

, which means that either some packages have not been registered yet or have been placed as Google Polymer that you might have to keep an eye on.

+1


source


My get-t-go method uses exact versions, don't let your dependency tool decide which version is best for you, because they (and other people) are usually wrong.

What I mean is this, and I've seen quite a lot on the gazebo. One day you will get the ABC version, and the next day you will run into ADF and ADF conflicts with whatever other dependency you have. This can lead to all problems.



Your best bet is to handle all of your updates yourself and test it yourself. I have yet to see a project where UI and javascript testing has been automated in such a way that it can be done reliably.

0


source







All Articles