but it doesn't seem to happen the same way in other parts of the programming world. Even in Django, yes, there are squillions of libraries for different things, and many of them haven't been updated in years, but the long-lived ones don't tend to have breaking changes (at least in my experience). It just seems to be front-end stuff where people will make breaking changes in some long-lived package, and for no obvious reason.
Make a new package, or a distinctly different version of the original package that won't get imported by a simple upgrade.
Or am I missing some reason that it's not as simple to do this in front-end stuff as it is in other areas?
I mean, the browser and security do change somewhat often, so there's that.
> Make a new package, or a distinctly different version of the original package that won't get imported by a simple upgrade.
Maybe some of this is cultural or habits, but I've seen projects that do like import "react-router": "latest", and with no package-lock... and I'm like WTF are you doing? That is a recipe for disaster, pulling in the latest major versions, which by semver can and do have breaking changes.
That so many libs take advantage of semver is both good and bad.
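The setup one commenter describes ("react-router": "latest" with no package-lock) can be checked mechanically. The following is an added example, not code from the thread: it flags dependency specs that accept new major versions and reports whether a lockfile is present. The function names, the risk labels and every package name other than react-router are assumptions made for illustration.

```javascript
// Added example, not from the thread. Package names other than react-router are constructed.
const LOCKFILES = ["package-lock.json", "npm-shrinkwrap.json", "yarn.lock", "pnpm-lock.yaml"];

// Classify one dependency spec by how far a fresh install is allowed to drift.
function classifySpec(spec) {
  const s = String(spec).trim();
  // "latest", "*", "x" and the empty string accept any version, new majors included.
  if (s === "" || s === "*" || s === "latest" || /^x$/i.test(s)) return "floats-major";
  // ">=1.2.3" with no upper bound also accepts every future major.
  if (/^>=?\s*\d/.test(s) && !s.includes("<")) return "floats-major";
  if (/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(s)) return "exact";
  // ^1.2.3, ~1.2.3, 1.x and 1.2.x stay inside one major line.
  if (/^[\^~]\d/.test(s) || /^\d+(\.\d+)?(\.[x*])?$/i.test(s)) return "bounded";
  return "other"; // git URLs, file: paths, other dist-tags, compound ranges
}

// pkg: parsed package.json; filesPresent: file names in the project root directory.
function auditProject(pkg, filesPresent) {
  const findings = [];
  for (const field of ["dependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (classifySpec(spec) === "floats-major") findings.push({ field, name, spec });
    }
  }
  const hasLockfile = LOCKFILES.some((f) => filesPresent.includes(f));
  // Without a lockfile nothing records the resolved tree, so even bounded ranges drift.
  let risk = "low";
  if (!hasLockfile && findings.length > 0) risk = "high";
  else if (!hasLockfile || findings.length > 0) risk = "medium";
  return { hasLockfile, findings, risk };
}

// Constructed sample mirroring the setup described in the thread.
const SAMPLE_PKG = {
  dependencies: {
    "react-router": "latest",
    "example-ui-kit": "*",
    "example-utils": "^2.3.0",
    "example-pinned": "1.4.2",
  },
  devDependencies: { "example-build-tool": ">=3.0.0" },
};

console.log(auditProject(SAMPLE_PKG, ["package.json", "src"]));
```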