v1.16.3 introduced "node": ">=10" depencency

[metalass]

In v1.16.3 packages were bumped, in particular semver from 6.3.0 to 7.1.3. In this new version of semver new dependency was introduced:

https://github.com/npm/node-semver/blob/master/package.json#L36

I'm not sure if this could be considered as breaking change but productions servers with lower node version harmed.

[ljharb]

Indeed, semver should be pinned at v6; this is a breaking change.

[cookpete]

Yep I overlooked this when using the sledgehammer of yarn upgrade --latest. Apologies to anyone this affects. I plan to release v1.16.4 with semver pinned and then deprecate v1.16.3. Then maybe bump semver and drop node 8 support in v2.0.0.

[ljharb]

There’s no value in bumping semver or dropping support for older nodes; why rush to a v2?

[cookpete]

I think there’s value in keeping up with the latest versions of dependencies, if we assume later versions are generally better, faster and/or more secure. It also avoids your dependency tree from stagnating over time.

There's no rush to v2, but it is happening soon (whenever I get time), so seems like a convenient time for ending support for Node 8. It reached end of life in December 2019 anyway, and probably means I can get rid of a bunch of the core-js polyfill stuff while I'm at it.

[cookpete]

I plan to release v1.16.4 with semver pinned and then deprecate v1.16.3.

This is now done.