Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign up[WIP] Move jQuery package.json dependencies #1430
Conversation
and update deps and lock files. - jQuery is a runtime dependency closes #1428
|
Atm:
|
|
This will cause duplicate jQuery dependencie which isn't supported by jQuery |
- Logical OR should be used in semver, rather than comma for logical AND.
(https://getcomposer.org/doc/articles/versions.md#version-range)
(https://semver.npmjs.com/)
- Resolves the UNMET PEER DEPENDENCY jquery@1.12.4
No more "npm ERR! peer dep missing: jquery@^1.7.0, ^2, ^3, required by selectize@0.12.6"
'npm ls' on projects now does not report UNMET PEER DEPENDENCY anymore.
fixes #1414
|
Oh that might be better |
|
Yep, I was hitting my head on those WARNS until I didn't check the npm semver syntax With selectize@0.12.6 it can't resolve a valid version: With the pull-request it gets rid of the WARN and satisfies the required dependencies: About the I couldn't manage to install and get a use case with duplicated versions. But maybe that's also depending on a different NPM version. |
|
devDeps are ignored by upstream deps
…On Tue, 17 Jul 2018, 16:39 Igor Pellegrini, ***@***.***> wrote:
Yep, I was hitting my head on those WARNS until I didn't check the *npm
semver* syntax
|
Yes, but When Selectize is the only project dependency requiring jQuery, no jQuery will be installed on production. There will be a PEER DEP warning (if the user notices that) but why forcing to act manually if there is no conflict? jQuery in I see most of the other libraries using jQuery to rely (imho correctly) on |
|
jQuery is specifically mentioned in the npm docs as a case to use peerDeps
…On Tue, 17 Jul 2018, 22:54 Igor Pellegrini, ***@***.***> wrote:
devDeps are ignored by upstream deps
Yes, but
devDependencies are for the dev-scripts, e.g. unit testing, packaging,
doc generation
dependencies are required for production use, and assumed required for
dev as well.
When Selectize is the only project dependency requiring jQuery, no jQuery
will be installed on *production*. There will be a PEER DEP warning (if
the user notices that) but why forcing to act manually if there is no
conflict?
Especially since our users didn't need to do it until now (= more people
opening issues)
jQuery in dependencies will always work as expected from a non-expert
user, and will warn just when an unsolvable conflict (duplicate) is found.
In that case the user MUST do something manually and investigate more.
I see most of the other libraries using jQuery to rely (imho correctly) on
dependencies and peerDependencies. I think we should do the same.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1430 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAZQTI3FVwPhFKhNrkCjKI2UleqbHZgzks5uHl0ZgaJpZM4VSAoD>
.
|
|
Also npm won't warn on duplicate dependencies. It will just break in
production or result in duplicate jQuerys
…On Tue, 17 Jul 2018, 22:57 Thomas Grainger, ***@***.***> wrote:
jQuery is specifically mentioned in the npm docs as a case to use peerDeps
On Tue, 17 Jul 2018, 22:54 Igor Pellegrini, ***@***.***>
wrote:
> devDeps are ignored by upstream deps
>
> Yes, but
> devDependencies are for the dev-scripts, e.g. unit testing, packaging,
> doc generation
> dependencies are required for production use, and assumed required for
> dev as well.
>
> When Selectize is the only project dependency requiring jQuery, no jQuery
> will be installed on *production*. There will be a PEER DEP warning (if
> the user notices that) but why forcing to act manually if there is no
> conflict?
> Especially since our users didn't need to do it until now (= more people
> opening issues)
>
> jQuery in dependencies will always work as expected from a non-expert
> user, and will warn just when an unsolvable conflict (duplicate) is found.
> In that case the user MUST do something manually and investigate more.
>
> I see most of the other libraries using jQuery to rely (imho correctly)
> on dependencies and peerDependencies. I think we should do the same.
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#1430 (comment)>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-auth/AAZQTI3FVwPhFKhNrkCjKI2UleqbHZgzks5uHl0ZgaJpZM4VSAoD>
> .
>
|
Yes, I am totally fine with jQuery in peerDependencies.
I meant that it will warn about unsatisfied peerDeps. |
|
I also agree with the idea in this article, that the duplicates case is acceptable since it can be easily resolved, while maintaining compatibility with either NPM 2 & 3. |
|
Thanks for tackling this whole matter @Pictor13, I knew from the start it was going to be a thorny issue. I don't have any bandwidth to study this in depth, @Pictor13 @graingert do we have a consensus to merge? |
|
@joallard no. Do not merge this PR |
|
Thanks. Let me know when you're ready |
|
Don't merge yet. Anyway I add also #1218 to support @graingert point. |
|
I really appreciate that we're taking the time to think about the consequences and that we're trying to reach a solution that makes some kind of consensus. If I can see that and that the changes are reasonable for most users going forward, I'm pretty sure I'll have @brianreavis' support on this. My understanding of #1218 is that it's been more or less solved by moving jQuery to peerDependencies. Edit: I put a WIP tag on the title, feel free to remove it when it's ready. |
joallard
changed the title
and update deps and lock files.
closes #1428