Is your feature request related to a problem? Please describe.
Both @supabase/supabase-js and @supabase/ssr are bundled as direct dependencies, meaning a user is locked to whatever version the module ships. Supabase releases quite frequently new package versions for supabase-js. I use Netlify functions and add the supabase-js package separately there, so I'm sure it's available at runtime, making the bundled version redundant and a source of duplicate instances (getting warnings too about that everytime).
Describe the solution you'd like
Move both to peerDependencies so users can control their own versions and always get the latest features and security fixes without waiting for a module release. If we would move forward with this, we should define a minimum version too, for supabase-js and /ssr
Describe alternatives you've considered
More frequent dependency bumps, but I know that would put unnecessary burden on the maintainer and I don't always want to make a PR just for version bumps.
Additional context
Happy to submit a PR if this direction sounds good.
Is your feature request related to a problem? Please describe.
Both @supabase/supabase-js and @supabase/ssr are bundled as direct dependencies, meaning a user is locked to whatever version the module ships. Supabase releases quite frequently new package versions for supabase-js. I use Netlify functions and add the supabase-js package separately there, so I'm sure it's available at runtime, making the bundled version redundant and a source of duplicate instances (getting warnings too about that everytime).
Describe the solution you'd like
Move both to peerDependencies so users can control their own versions and always get the latest features and security fixes without waiting for a module release. If we would move forward with this, we should define a minimum version too, for supabase-js and /ssr
Describe alternatives you've considered
More frequent dependency bumps, but I know that would put unnecessary burden on the maintainer and I don't always want to make a PR just for version bumps.
Additional context
Happy to submit a PR if this direction sounds good.