chore(ci): don't pin dev dependencies

[JP-Ellis]

No description provided.

[JP-Ellis]

I noticed that the Renovate config was invalid, looking at the changes you made, I suspect that's what you intended @vwong?

[JP-Ellis]

For more context, the best-practices config is defined here and it includes a pinDevDependencies preset.

[vwong]

I find that with npm libraries, which this is, many leave dependencies unpinned - it makes it easier to upgrade on the consumer side. Hence I didn't want pinned versions.

[JP-Ellis]

I find that with npm libraries[..], many leave dependencies unpinned - it makes it easier to upgrade on the consumer side.

If I'm understanding correctly, this applies to runtime dependencies only? If so, Renovate does behave like you're intending already and leaves SemVer ranges mostly intact. What's included in Renovate's best-practices configuration is the pinning of dev dependencies, as these should not impact consumer-side installations, and they ensure a reproducible developer experience.

Renovate's PR to pin dependencies:

• chore(deps): pin dependencies #5

Is only pinning dev dependencies, and is not changing ranges for any of the runtime dependencies. Is that still what you want? Or do you want to use semver ranges for dev dependencies as well?

[vwong]

Ok, in that case. unpinned prod, pinned dev is fine by me.

[JP-Ellis]

All good, I'll close this PR and revert the commit that's bugging Renovate 👍