> At least for Cordova 8, adding the dependency to `xcode` back would be the > right thing to do from a semver perspective.
Will do > Actually, if we wanted to do it the right way, we would have to restore any > other dependency we dropped or changed a version of. These are basically all > major semver changes with `Context.requireCordovaModule`. Agreed for any other dependency dropped or major version changed. But for `request`, while we dropped exact version `2.79.0` I think we should just add `request@2` which should not reintroduce any `npm audit` warnings. Keep in mind that this was a *minor* release (as opposed to a patch release). [ Full content available at: https://github.com/apache/cordova-lib/issues/706 ] This message was relayed via gitbox.apache.org for [email protected]
