Skip to content

Declare and pin the supported rspack range after the 2.x bump (peer/meta statement + 2.x compat-matrix row) #179

Description

@justin808

Summary

PR #140 bumped the @rspack/core devDependency 1.7.11 → 2.1.2 (a major) inside the 19.2.1 line. The bump is safe (verified: hook ordering unchanged, both majors exercised), but the package now has no declared supported-rspack range and its compat matrix only tests 1.x — so 2.x coverage exists only by accident of the lockfile, and a future 3.x bump would silently drop it. Best resolved before 19.2.1 final.

Evidence

  • At origin/main (9fae9c7) there is no rspack peerDependency — peers list only react ^19.2.7, react-dom ^19.2.7, webpack ^5.59.0. Consumers bring their own rspack; the plugin duck-types the compiler (AnyCompiler, resolveBundler).
  • No README/docs statement of supported rspack majors.
  • .github/workflows/compatibility-matrix.yml pins rspack-version: '1.x' in all four rows. 2.x is only exercised because the lockfile happens to resolve 2.1.2 for the unit/e2e jobs.
  • docs/versioning.md states bundler peers are "compatibility contracts for the plugin layer — keep them tied to tested bundler behavior".

Implementation plan

  1. Add explicit rspack 2.x row(s) to compatibility-matrix.yml so 2.x is a pinned, guaranteed lane (keep a 1.x row if 1.x is still supported).
  2. Add an optional peerDependenciesMeta rspack entry or a documented support statement (README + docs/versioning.md) naming the supported rspack majors.
  3. Note the supported majors in the README/CHANGELOG for 19.2.1.

Acceptance criteria

  • CI has a pinned rspack 2.x compatibility lane that cannot be silently dropped by a future dependency bump.
  • The supported rspack range is stated in docs/peer metadata and the 19.2.1 release notes.

Audit ledger: shakacode/react_on_rails#4010 (comment)

Post-merge audit follow-up (19.2.1-rc.0 wave, e528e8b..9fae9c7). Filed by Claude Code on behalf of Justin Gordon.

Metadata

Metadata

Assignees

No one assigned

    Labels

    P2Backlog priorityenhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions