In the next major version of Roosevelt, we want Roosevelt app maintainers to manage the Express version themselves, for four main reasons:
- To more easily get security updates to Express since it is such a vital component of Roosevelt apps.
- To let users to take advantage of new features in Express more easily than using npm overrides.
- To more clearly signal that Roosevelt apps are mainly just finely-tuned Express apps, not some separate thing, in accordance with the principles articulated in Roosevelt's design philosophy.
- So that we no longer need to maintain 2+ versions of Express (version 4, 5, and potentially others in the future) as direct dependencies with funky aliases for old versions to allow users to use multiple versions of Express.
In the next major version of Roosevelt, we want Roosevelt app maintainers to manage the Express version themselves, for four main reasons: