Lightning LockerService Disabled
Lightning LockerService is enabled for all custom Lightning web components. The service was activated for customers in the Summer ’17 release. Lightning LockerService isn’t enforced for components that use API version 39.0 and lower, which covers any component created before Summer ’17. When a component is set to at least API version 40.0, it’s enabled. New AppExchange security reviews and periodic re-reviews require components to be version 40.0 or higher so that Locker is enabled.
Metadata Example
<?xml version="1.0" encoding="UTF-8"?>
<AuraDefinitionBundle xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>39.0</apiVersion>
<description>My Component</description>
</AuraDefinitionBundle>
<?xml version="1.0" encoding="UTF-8"?>
<AuraDefinitionBundle xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>40.0</apiVersion>
<description>My Component</description>
</AuraDefinitionBundle>
For more information, read the Summer 2017 Release Notes and Security with Lightning Locker in the Lightning Web Components Developer Guide.