I think once that plugin version constraint PR lands, we can removing
plugin pinning. Correct me if I'm wrong, but for that PR to be useful, we
need to update all of the package.json files of the plugins to include the
engine information.
I agree logging something like "fetching pinned plugin version X" when
installing a plugin would be a nice addition. We could also do a lookup to
see what the latest version on npm is and only output a message if what is
being fetched isn't the latest.
Another possible solution is to trust our semver versioning and allow the
pins to grab minor updates by default.
I don't think it is necessary to do a tools release every time a minor
plugin is released. If people really want to latest plugins, then can
install them explicitly until the next tools release.
On Mon, Feb 29, 2016 at 9:57 PM, Nikhil Khandelwal
wrote:
> I think pinning plugins in the CLI is causing a bunch of confusion (see
> CB-10677) as cordova plugin add might not get you the latest released
> plugin. This is a change in behavior - perhaps - we should log when the
> plugin is different from the latest released version. Also, there is an
> issue with our release strategy - should we change our policy to release
> TOOLS with every minor plugin release bump in addition to platform release?
>
> With new plugin version constraint matching behavior implemented as part
> of this PR: https://github.com/apache/cordova-lib/pull/363 . Is there
> still a use case for pinning core plugins in package.json? Presumably, we
> could specify the constraints for a new plugin release and plugins will be
> "effectively" pinned.
>
> Thanks,
> Nikhil
> My team is hiring.
>
>