This issue is a followup to #1787222: [meta] Strategy for updating vendor JS libraries within a major stable version and #1810352: Support version detection of core libraries when implemented through drupal_process_attached (drupal_add_library).

It has been proposed that modules will use the latest core libraries unless they explicitly declare a specific library version with hook_library_info

Calls to drupal_add_library() don't specify version, just the library. If you want a specific version, register your own custom library in hook_library_info(), list the dependency that JS code has, and then call drupal_add_library() of that custom library. -- #1787222-38: [meta] Strategy for updating vendor JS libraries within a major stable version

If a module pins itself to a library version, Core should warn a site maintainer when a library required by a module has been up-versioned beyond the max version allowed by the module.

The module should not be disabled nor should enabling it be prohibited. The module might work without issue with a later version of a required library. But a site maintainer should be made aware that an element of their site is behind the latest version of some required component.

Comments

valthebald’s picture

Does this belong to core or d.o. issue queue?

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.1.x-dev » 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.2.x-dev » 8.3.x-dev

Drupal 8.2.6 was released on February 1, 2017 and is the final full bugfix release for the Drupal 8.2.x series. Drupal 8.2.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.3.0 on April 5, 2017. (Drupal 8.3.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.3.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.