Yanking v15 is suspicious behavior

[quentindemetz]

Hello,

I noticed this morning that v15 has been yanked and I can't find the explanation. This is bound to impact many users, a significant fraction of which are likely to move to the just-released v16.

This is suspicious:

• yanking v15 is an aggressive nudge to move to v16
• there is a very large commit which landed directly on master. It did not go through a pull request and subsequent code review; the summary is AI-generated.

This looks fishy in the light of recent NPM package compromises (1 and 2).

We'll be holding off from upgrading to v16 for a couple days/weeks until this clears up

[justin808]

@quentindemetz I almost pushed a 15.0.1, but that would have caused breaking changes. So I went with v16.

Feel free to get in touch with me justin@shakacode.com or message me on our community Slack.

v15 contained huge updates, a few of which I decided to change, as we're about to merge in React on Rails Pro.

Stay tuned!

[atyndall]

@justin808 Yanking v15.0.0 because you've "decided to change" something after it was live is very disruptive behavior that breaks people's CI without good reason. Please don't make a habit of it.

[justin808]

Yes, 100% agree. We're making a huge investment in modernizing the platform and enabling the very best for react to have a super smooth experience with rails so that all agenetic coding tools can easily work with the framework.