Ah, this is a good question and in general something that’s not always clear. For Auth providers and setup integrations built-in to Redwood, do know that we are often upgrading and testing requirements against the latest available versions. The current version of Redwood (v0.36) uses
"@supabase/supabase-js": "1.21.1" And the upcoming release (v0.37) will use the latest
In general, you can try upgrading your project to the latest version of a dependency. If things break, revert the change and then open a GitHub Issue as we’ll want to know an internal update is required to support the latest.
More often that not, what is likely to happen is that you’ll try to upgrade Redwood and discover a dependency you have is outdated and causing an issue. That’s when you’ll realize you need to upgrade.
Lastly, did you mean to write
yarn.lock instead of
package.lock (since the latter is only created if you’re using npm package manager)?