Versioning and Releasing PIE Web Components

[ashleynolan]

This is to start discussions over how we want to handle the versioning and releasing of the PIE web components as we build out the web component library.

Below are some of my own thoughts/opinions on the subject to start things off and maybe provoke some discussion on the subject; please do feel free to reply or add your own thoughts and we can then get together to discuss it all in more detail.

Versioning

It should come as no real surprise that we'll be using semver for versioning components.

As of me writing this, I can think of three possible routes we could take with versioning our components:

1. Version and release our components individually i.e. pie-button, pie-card, and pie-modal would all be versioned and released separately. Consumers of the components would then install each component as needed via npm install @justeattakeaway/pie-button for example. Components would have different version numbers from one another.
2. Version Components in Sync, Release as separate components. This is the same premise as in (1), but instead of components having different version numbers, we use changesets to link the versions so that there's a shared release version across components.
   This approach is common in libraries such as ESLint, Babel etc as it gives the overall release version shared meaning but also allows for components to be released independently (and rolled back independently).
3. Version and release our components as one package under which all components are available. i.e. the pie-components package is versioned and released. Consumers then install the component library as a single package (npm install @justeattakeaway/pie-webcomponents) and import a specific component in their JS – import pie-button from @justeattakeaway/pie-webcomponents

The above massively simplifies the considerations and possibilities in both approaches, so I'll break down some of the considerations of each approach before giving my own opinion on which approach may be best to take.

1. Individually Version and Release Components

This is the approach that we currently use for the Fozzie Vue Components.

Essentially, each component looks after itself and is versioned and released separately from one another. So pie-button could be on v1.2.0 while pie-modal could be on v5.3.0. Each component is installed and listed as a separate dependency in the package.json. To consider the pros and cons of this approach:

Pros

• Components look after their own concerns. When releasing a component, the only thing that needs to be considered is the changes to that component, rather than how that change might impact the library as a whole.
• Issues in a release can be fixed by rolling back to an older version of a component rather than rolling back the version of the whole library. This means that if we found an issue in a release of pie-modal, and pie-button also had improvements made to it, we wouldn't need to downgrade both together if they were versioned separately.
• Consuming applications only import what they need. If an application only needs to import pie-button and pie-modal gets a new breaking update, then it's of no concern to that consuming application as they don't use it anyway.
• New component releases don't bottleneck one another.

Cons

• Less shared identity across components. Components having different versions means that we can only refer to specific versions of a component, rather than a specific version of the library as a whole.
• Need to be more careful about performance implications. If pie-modal and pie-alert both rely on pie-button, we need to ensure that only one version of pie-button is being loaded in the application to avoid page bloat.
• Compatibility is harder to ensure. As there is such a wide variety of versions being release, it's hard to ensure that every version of pie-button is compatible with every version of pie-modal. This can be mitigated by using peerDependencies to specify which version of a child component we consider compatible with a parent component.
• Similar to the above – it's harder to ensure that consuming applications aren't using a strange mix of component versions. For example, a team may be ensuring they're on the latest version of the pie-button component, but haven't updated the pie-modal component and it is now significantly out of date. This can again be mitigated slightly by using peerDependencies.

2. Version Components in Sync

This approach is the same as Approach 1 with the key difference that components are versioned in sync with one another so that the package number across all components is the same.

So in a component library where pie-button and pie-modal exist and are currently on version v1.2.0, a minor update to pie-button would mean that both packages will increment their version number to v1.3.0, but are then released as separate packages.

The Pros and Cons of this approach are essentially the same as Approach 1 but with the following considerations:

• The potential pro of this approach is that it gives the whole library a shared version for consuming applications to reference. For example, it's super clear for the DS team to ask teams what version of the DS they are using (assuming they are updating their packages together). It also means the DS team can reference a more simplified version when communicating changes potentially.

• A potential con of this approach is that it could mean that the component library versioning goes through a lot of major release versions, especially as the library is being built up. A breaking change for one component would mean the whole library gets bumped to the next major version. We may therefore need to be more careful with breaking changes so this doesn't get out of hand (otherwise release versions could mean less ultimately).

3. Version as one bundled component library package

This is the approach currently used by the Snacks React Component System and Skip React PIE Library.

Pros

• Potentially Simpler. Applications install and manage one dependency from which all components are imported.
• Release quality across the library is more consistent. As components are versioned together, it's virtually impossible for teams to use components together in a combination that they weren't intended.

Cons

• An issue with one component affects the release of all components.
  For example, if both pie-button and pie-modal had been updated in a new update but it was later found that there was an issue with the change to pie-modal, then both components would be rolled back by moving back to an older version of the library. The more components in the library, the wider this issue could become.
• Potentially more overhead/noise for teams using the library. If any component is updated, consuming applications will need to update their library dependency to stay up-to-date (and make any associated changes to do so).
• New component releases could bottleneck one another – if a component update in v2.1.0 of the library has been made to pie-modal and a consuming app is using v1.9.0 they have to update to the latest major version of the library to benefit from the change.

Overall opinion on Versioning

I think due to the nature of how our library works across many teams with many applications consuming our components, flexibility and avoiding any sort of bottlenecks or blocks to releasing is really important.

The cons to the individual component versioning and releasing should be mitigated by providing upgrade tooling (through something like Scorecard) and rigid peerDependencies defined in our components.

Therefore I'd advocate for either Approach 1 or 2, leaning potentially towards Approach 2 as it would give us the benefit of being able to communicate major version releases as a whole library version bump while also giving us the benefit of granular component releases.

Component Versioning Relationship to PIE Design Tokens

Currently, I think it makes sense to keep the pie-design-tokens package as a separate version, mainly as we use the tokens across other applications other than on Web (iOS and Android for instance). Therefore, I don't think it would make sense to tie the two together unless we thought there was a perceived benefit in doing so. Happy to discuss this if others feel differently though.

Release cycles

One aspect that runs alongside the above is how we structure our release cycles for component releases.

Currently these are done in an ad-hoc manner, with changes made to components then released within a few days as part of our changeset release PR.

We could potentially plan our major releases much more than we currently do, working to a more regular cadence for these bigger releases. There are pros and cons to this approach, but this should probably be discussed with the team to decide if we think there are benefits (probably depending on the versioning approach we go for above).

Thoughts?

Any thoughts on the above would be great to hear and opinions on the different approaches welcomed! Likewise, if there's a versioning approach I may have missed, please write it up so we can consider it as well.

[jamieomaguire]

Thanks for setting this up @ashleynolan! This is definitely a nuanced subject with no single answer being correct. That said, I would like to add a few thoughts to your suggestions:

Component versions

I think that versioning all the components as one version in a combined package, whilst tempting, could ultimately be harder for people to adopt into their projects. Given that teams will have to fit component adoption into their own priorities, I think the more we can reduce the overhead, the better our chance of seeing adoption. In this instance, I believe adopting an entire component library would be harder than individual components.

Design and Engineering versioning

Design and Engineering have different philosophies and standards when it comes to versioning. In engineering, we use SemVer. Breaking changes can result in a major version bump that wouldn't make sense in a design context. For example, design may bump a button version from version 1 to version 2 because of a big visual change. On the other hand, we might bump a package major version due to an API change that has no visual change.

Rather than shoehorn both disciplines into the same versioning approach in an attempt to synchronise versions between design tooling and component package versions (which I think would be unnatural to both sides and potentially not even possible), I think we should respect the differences and version component packages and designs at their own cadences and simply reference the design version in package versions.

This would mean both engineers and designers can use their own versioning methodologies, but still have a way to quickly reference designs easily.

An example of this in practice could be having [email protected] that references pie-button-design-spec version 2.0 We then bump the package due to an API change, but it still adheres to the same design specification. Therefore pie-button@v5 would still reference pie-button-design-spec version 2.0. When communicating with design, we can refer to v2 of their designs.

Then we get a new design, and eventually have something like pie-button@v6 that references pie-button-design-spec version 3.0.

Hopefully, this makes some sense. We might be able to leverage tagging/labelling to achieve this and also reference in changelogs.

I would advocate for option 1 or 2 also. I think they are the simplest solutions and give us the most flexibility, which should help with adoption.

[siggerzz]

Thanks for the write-up @ashleynolan!

Fully agree with @jamieomaguire's point about the separation between design / engineering versioning too.

I'll bring another option to the table regarding the repo versioning 👀.

4. Version Components under a single version & also provide individual Components

After looking at some other design systems, mainly https://github.com/chakra-ui/chakra-ui and https://github.com/adobe/react-spectrum, I believe it's possible to provide both capabilities, and leave it down to the consumer to decide which approach works for their use-case. There's potentially a bit more complexity on our side, and is probably worth doing a spike into, but I personally believe this approach would address most, if not all of our concerns.

The idea is as follows...

Creating a @justeattakeaway/pie-web-components package

This package would be a new package in the monorepo, that is both versioned by changesets and published to npm. This package would define all web components in the monorepo as a package.json dependency, either targeting workspace or a pinned version on npm.

Continue to have individually versioned components

We would continue to individually version and publish our components, giving us the flexibility we currently have. The main difference, is because the @justeat/pie-web-components package defines these as dependencies, whenever a semver bump is applied to a web-component via changesets, the dependency would also get bumped in the main @justeat/pie-web-components package, and a new version the the whole component library would be available.

Example Implementations

@adobe/react-spectrum - In our case, this would be @justeattakeaway/pie-web-components and serve as a versioned / publishable package of the entire component library. You'll notice that all components are defined as dependencies.
https://github.com/adobe/react-spectrum/blob/main/packages/%40adobe/react-spectrum/package.json

Another example here for chakra-ui - https://github.com/chakra-ui/chakra-ui/blob/main/packages/components/react/package.json.

@chakraui/popover - https://github.com/chakra-ui/chakra-ui/blob/main/packages/components/popover/package.json
The main difference with this approach, is that the dependencies are defined by the component, and it's not down to the consumer to provide peerDependencies. By targeting the workspace, you ensure consistent dependency version usage across all components.

I'll outline pros/cons tomorrow :)

[ashleynolan]

Thanks for the write-up of that approach – it was something we've talked about in the past so good to have it outlined properly 👍

To add to what you put above, Spectrum also have a web component library – and they also provide a bundle package, in the same way that the react package does (here's the package.json file where they include all the Spectrum web components.

One thing I noticed from reading their docs is they do give a couple of reasons for why they recommend consuming applications use individual components in production apps, rather than full library bundles (except for prototyping). For example on the Spectrum WC getting started page:

There is also the @spectrum-web-components/bundle package, which includes all of the elements defined by Spectrum Web Components in one easy-to-import entry point. The @spectrum-web-components/bundle package is literally everything that Spectrum Web Components has to offer. This is why when bundled, it weighs as large as it does, and is why we DO NOT suggest leveraging this technique in a production application.

And on the bundle README:

@spectrum-web-components/bundle is a master dependency that allows a project to import any and all of the Spectrum Web Components. While it is a great approach to prototyping, the fact that it versions all of the Spectrum Web Components packages collectively means that depending on it can leave you with a lot of package updates to manage at any one version change. For a more predictable upgrade process, we suggest that you depend upon individual packages directly, but hope you find this bundle productive when initially trying to get into the act of developing with Spectrum Web Components!

I think it'd be really great for us to try and reach out to the Spectrum team around versioning to see if we can learn from their experience – especially as they also use Lit. For context, Spectrum WC's power Adobes online version of Photoshop, so should be a really good use-case for us to take learnings from.

[webbertakken]

@siggerzz wrote: There's potentially a bit more complexity on our side, and is probably worth doing a spike into, but I personally believe this approach would address most, if not all of our concerns.

Question we should ask ourselves:

• How much complexity does it really add?
• What's the value of giving people multiple options?
• Is the complexity worth the value to us?

This option as I understand it is effectively the implementation of options 1 and 3 combined. That also means that you have to address the concerns of both of those options, for example with regards to your versioning and publication process.

I have a feeling that this would go at the cost of some flexibility, which might not be desirable for a fresh project.

@ashleynolan wrote: I think it'd be really great for us to try and reach out to the Spectrum team around versioning to see if we can learn from their experience

I agree it would be great to learn from other teams' experiences. Let's get in touch with them.

[raoufswe]

Thank you, @ashleynolan for putting this up, and for the rest for sharing your thoughts on this. ❤️

As someone who has only worked with one bundled package before, I can definitely relate to the pros and cons you mentioned. One issue I particularly resonate with is the fact that if we roll back, all the consumers of the package will be affected, even if the bug was introduced by a specific piece of work they don't actually need. For example, if we update the button component, but the modal component introduces a bug, users who only need the button component will also need to wait for the fix. While this approach is simpler and I don't see the bundle size as a big issue as we can delegate bundle size management to our consumers by ensuring they have proper tree shaking (this step is done in L-Takeaway CW), I am inclined to explore other options to gain a fuller understanding.

I do believe that individual versioning and releasing components might be the way since we can adopt a gradual improvement approach when we roll out to our consumers, however, the Individually Version approach can introduce complexity for both us and our users in terms of figuring out version numbers. This may not be a big issue in the beginning but could become more challenging as versions diverge and breaking changes based on business logic become harder to track. For example, if we had to make changes such as icing, it would be clear that all components with version 1.x.x are prior to icing changes and 2.xx is post-icing. and, if each component had its own version, the version numbers would lose their contextual meaning and become more difficult to manage.

Also as a side note just in case I forget, we probably need to maintain metadata to reference which PIE version in design the current version is based on.

[webbertakken]

Development process vs public API

A lot depends on your rationale on how you want your users to consume your public API, and how your development process is designed.

For example, when going for 1 or 2, there will be those who always upgrade to latest (using Dependabot or similar) and there will be those who’ll eventually not stay on top of this, especially if upgrades happen often or if different packages have different manual steps for upgrading in case of deprecations and breaking changes.

This frequency is also especially important to consider for option 2, after all this is not just about your publication process but also about the perceived ease of use of your library.

Amount of packages

For options 1 and 2 it also depends a bit on how many components you plan on publishing. I don’t think people would be happy to use it if the number gets above 60, as it will blow up package.json and make manual operations more tedious when needed.

Shared code

You’ll probably still want a core package that holds shared code, so that it does not need to be duplicated across all components. This could also give the flexibility of say “quickly updating a colour” or broken style in a non-breaking way: [email protected] could work together with [email protected], since there are no breaking changes in core when semver is used.

There is a flexibility vs complexity question here as well: if you require a core package (sooner or later I think you would), then what is the cost of maintaining that compared to having a single package altogether (option 3). And how happy are you with the flexibility that it gives you?

Option 4

You could consider doing a hybrid of options 1 and 3, where you have some cohesive packages of which their scope makes sense from a technical / development point of view.

Personally I was happily surprised by the quality and great separation and cohesion of the modules of TailwindCSS. Not quite the same thing, but they seem to have things under control quite well.

See plugins in the left menu at the very bottom of their docs.

Ultimately I'd go with whatever works best in practice and decide when to split off a package on a case by case basis, and evaluate the pros and cons of that package as opposed to having it included in the main package.

[fernandofranca]

Regarding the second approach, I'm wondering how can we make the consumer life easier after version updates.

Let's say we have a breaking change in pie-button, then we need to bump the version of pie-button and all other components. How can we communicate, for example, though latest pie-modal version was updated, it doesn't have any breaking changes the consumer needs to take care of, since it was just a version bump following pie-button?

[ashleynolan]

I think there are two issues that need to be considered with option 2 that I can think of.

The first is as you mention – ensuring that the incremental version updates that don't affect components are clearly communicated. I think this would need to be done through a combination of CHANGELOG's and using the docs site to document releases.

The other thing I'm a little cautious about is a point @webbertakken mentioned – the number of major version bumps that are made due to version increments running across all components. I imagine this would mainly be an issue as we spin up the library and components are less stable, but I wouldn't want the shared version number having lots of major breaking version bumps within a short time period, otherwise it gives the impression to consumers that it's not v stable (and so hard to work with). One possibility with this is that we could look to make more use of feature branches and alpha/beta releases to group these breaking changes so that we only have major version releases every so often (6 months?), similar to something we're doing with the design tokens going forward for breaking changes.

[webbertakken]

If you have breaking changes often but they're not very big and you don't want to scare off people, you can also use an increasingly popular versioning scheme, like 2023.2.49 (year, major release, patch+minor). It is common in product releases, not so much in javascript packages (yet?).

This versioning scheme is useful because it gives you a better idea (than with conventional semver) of how outdated you are as an implementer. At the time of writing I'm unsure whether it's also useful for javascript packages or not.

About branches, I'd recommend keeping it quite simple:

• main branch tracks what will be released, adding a version tag to it publishes the changes
• next branch includes everything of main + breaking changes and can not be released until the next major. Can release versions like 2.0.0-beta.1 where 2 is the next major version and 1 is a simple increment. I'm afraid that if you go with either 1 or 2 that every major bump will affect all packages regardless, also a bit dependant on the semantics of what is considered BC in major; of course changes in public api are always breaking, but is a colour change too? or a change in global padding?.

While the repo is still in early and active development you could prevent the breaking changes part by starting with 0 as the major version, effectively marking it as unstable.

Note: unstable is a keyword that mostly only people that require LTS are interested in.

[fernandofranca]

The flexibility and convenience provided by the approach suggested by Ben seems to be a good option.

I understand the concern of bundle size, though I wouldn't agree that the package size necessarily corresponds to what is bundled in the consumer application.

Treeshaking is used in CW in order to get rid of Snacks unused components in the app production build.

I'd suggest doing some sort of experiment for checking how much of a web components bundle can be treeshaken before discarding this approach.

[ashleynolan]

Yeh, I agree – I think we should be able to try this approach too alongside individual versioning (as it's just a bundle that wraps the individual releases effectively). Then once we have the bundle we can try out how well it might work in prod vs dev/prototyping (evaluating tree-shaking as you mention)

[sebastienrocks]

Thanks for the write up @ashleynolan .

Another thing is it might be beneficial for us to reach out to consumers (or future consumers) to get their input earlier on, which might help make a decision. Below are my personal thoughts:

Around one bundled library:
Indeed There may be package size issues with a whole version bundled, but teams should hopefully be able to mitigate this with tree-shaking. Probably worth us having some investigation on this as well to validate it's an issue or not.
For the issue involving rollbacks, another thing I thought of is we could potentially review how we do releases, and leverage a beta package before moving something into a stable version (a more detailed process would need to be defined of course, specifically around what we consider 'stable').
Teams could consume the beta if they wished, with the caveat they know there may be issues, otherwise they can stay on stable and have more assurances.

Based purely off personal experience, individually versioned components from a consumer standpoint can be frustrating: Each component needs to be independently installed, and maintained. As you pointed out, it adds additional complexity when components are dependent on each other.
Ensuring consumers are remaining up to date would also potentially be more difficult depending on the size of the teams with this approach.

Ultimately, I really like @siggerzz write up around both approaches. This seems to be a very good solution as we are leaving the option to consumers.

[ashleynolan]

I just wanted to sum up our findings and conversations on bundling so far – I'll keep this discussion open as it's useful to help track any progress on this topic.

Summary

After discussions both in this thread and through conversations we've had, it seems like our preferred approach will be to follow @siggerzz suggestion which is to Version and release components individually while also providing a bundled version of these components which provides more identifiable bundle version numbers across components.

This should give us flexibility of letting consumers decide on what might work best for them.

The main concern that we will need to address (through a spike as we build out the capability and through further discussions) around the bundle approach is around performance. Currently, it's unclear how bundling components in this way could impact performance. As mentioned in this comment, the Adobe Spectrum team do provide a similar bundle for consumers, but advise against using it in production due to performance concerns. I think it's still of benefit to maintain a versioned bundle, as it could help with prototyping, as well as enabling clear communications as to which individual component releases relate to major version bumps in the bundle package (which could be useful for larger brand updates for example).

We'll initially recommend for early adopters to consume components by using the individual package releases. We can then spike out the creation of a bundle distributable of components and look into the implications of this as the number of components in PIE grows.

We are shortly due to be catching up with the Adobe Spectrum team, so any learnings from that may also influence the direction we take with the component bundle.