-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat!: remove --all
flag
#351
Conversation
Force users to opt-in into the package managers they want to support. As more and more package managers are added to Corepack, it's more and more unlikely that our users will be interested in _all_ the package managers Corepack supports, and it is unreasonable to expect Corepack maintainers would be able to perform security audits.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find the increased friction in user experience a little problematic. Running corepack enable
and things Just Work is easy. having to run the command multiple times isn't, especially if the only message people get is "command not found". Can we find alternatives?
Yes unfortunately it is likely some script out there relies on it. We could deprecate I expect the |
The |
Maybe @styfle would have an opinion there? I would expect cloud providers to be "picky" about which package managers they enable by default, as more and more package managers are added to Corepack, I would expect they want to activate only a subset. |
At Vercel, we only enable the package manager found in package.json. I didn't know the I think we need to look at more long term and see how this would impact the scenario when |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not 100% convinced, but I don't have a very strong opinion either way - it can be added back later on if really needed.
The old
|
Why not using |
Force users to opt-in into the package managers they want to support. As more and more package managers are added to Corepack, it's more and more unlikely that our users will be interested in all the package managers Corepack supports, and it is unreasonable to expect Corepack maintainers would be able to perform security audits.