Polaris web components are a production risk

Polaris
1

This is a follow-up to my previous post. I wanted to summarize my findings after spending more time with the new Polaris web components.

Moving toward web components is definitely the right direction, but there are a couple of massive deal-breakers that make this feel unready for professional use.

1. No version pinning is reckless

Right now, there is no way to pin a specific version. Forcing everyone to use the “latest” version via CDN is a major stability risk. While this works for App Bridge because the scope is small and changes are rare, Polaris is a complex UI library.

Just looking through the community threads, you can already see plenty of posts about new bugs being introduced. Without version locking, any update Shopify pushes can instantly break a live app UI. To assume there will never be regressions or breaking changes is delusional. Using an unversioned script in a production environment is a nightmare for stability.

2. GitHub over forum threads

The closed-source nature of these components makes troubleshooting way harder than it should be. I would much prefer if issues, changelogs, and releases were tracked on GitHub instead of buried in these community forums. An open-source model would give us the transparency we need to track changes and report bugs effectively.

I hope the Shopify team takes these points seriously. Polaris web components need to be a stable, professional tool if the community is expected to adopt them.

1 Like
How can we lock the version of Polaris Web Components loaded from the CDN?
2

Here are a few thoughts on how we could solve the versioning issue:

  • npm distribution: This is the most professional route. It allows for proper bundling and ships types directly, which would eliminate the need for the separate @shopify/polaris-types package.
  • Versioned CDN URLs: We should at least have the option to pin a version in the URL (e.g., /v1.2.3/polaris.js) if we choose to.
  • Incentives, not force: I understand Shopify wants apps to stay in sync with the Admin UI, but automatic updates aren’t the answer. This could be managed like Admin API versions. The library could simply write its version to the window object, allowing Shopify to monitor which version an app is using via their existing app health/web vitals tracking. They could then notify developers in the Partner Dashboard when an update is required or a version is nearing deprecation.

Ideally, Shopify should provide both. An npm package for production-grade apps and a versioned CDN for quick prototypes or simpler implementations.

2 Likes
3

I love the discussion, but we have existing threads for this topic – it would be great to keep the conversation consolidated into one place so everyone is kept up-to-date. Please post in How can we lock the version of Polaris Web Components loaded from the CDN? and note that there are some workarounds in there as well!

Thank you. Again, not trying to stifle this conversation, just keeping it in one place.