can@5.33.2 - version mismatch of can-observable-array with sub-dependency in can-connect

[rjgotten]

The can@5.33.2 package takes locked version dependencies on can-observable-array@0.8.2 and can-connect@3.2.5. can-connect@3.2.5 in turn takes an open-ended dependency ^0.7.0 for can-observable-array.

But because it is a zero major version, the eligible range is effectively locked to [0.7.0 ... 0.8.0).
NPM cannot consolidate these two versions for deduping and thus gives can-connect its own local copy of can-observable-array@0.7.0

[phillipskevin]

@rjgotten is there an issue with can-connect having its own version?

[rjgotten]

Browser-bloat, mostly. Which can become larger if dependencies-of-dependencies start coming into play.

[frank-dspeed]

@rjgotten to have less bloat i always use the ecosystem.mjs this reduces the dependency package hell. let all your code depend on the mjs build that also reduces install time simply wget it from unpkg.com i would not use the npm packages.

[rjgotten]

@frank-dspeed
You know; that is actually not a bad idea. Will have to bring that up with my colleagues and see if we can give that a shot. Thanks 👍