Giter Club home page Giter Club logo

Comments (6)

DavHau avatar DavHau commented on June 26, 2024

The problem with peerDependencies is that different versions of NPM handle them differently. See https://docs.npmjs.com/cli/v7/configuring-npm/package-json#peerdependencies

In npm versions 3 through 6, peerDependencies were not automatically installed, and would raise a warning if an invalid version of the peer dependency was found in the tree. As of npm v7, peerDependencies are installed by default.

That means depending on the npm version used upstream, peerDependencies might be completely ignored, and therefore not part of the lock file, in which case we should ignore them too, and in other npm versions they are treated as normal dependencies and are part of the lock file, in which case we should install them.

If we want to have a nice UX, we should detect automatically which npm version was used upstream. We could to that by looking at:

  • lock file version (version 2 or higher indicates npm version 7 or higher)
  • engine field of package.json (might have a minimum version for npm)
  • devDependnecies in package.json (might have a npm version specified)

But some projects won't have a lock file and none of the required fields set in package.json, therefore we still need a flag, allowing the user to manually toggle peer deps on/off.

from dream2nix.

happysalada avatar happysalada commented on June 26, 2024

very nice find.
I tried to install the dependency with the lockfile with version 1 and with version 2
the previous snippet was after I updated the lockfile.
Before I updated it, the lockfile looks like

    "@sveltejs/vite-plugin-svelte": {
      "version": "1.0.0-next.37",
      "resolved": "https://registry.npmjs.org/@sveltejs/vite-plugin-svelte/-/vite-plugin-svelte-1.0.0-next.37.tgz",
      "integrity": "sha512-EdSXw2rXeOahNrQfMJVZxa/NxZxW1a0TiBI3s+pVxnxU14hEQtnkLtdbTFhnceu22gJpNPFSIJRcIwRBBDQIeA==",
      "requires": {
        "@rollup/pluginutils": "^4.1.2",
        "debug": "^4.3.3",
        "kleur": "^4.1.4",
        "magic-string": "^0.25.7",
        "svelte-hmr": "^0.14.9"
      },
      "dependencies": {
        "debug": {
          "version": "4.3.3",
          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz",
          "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==",
          "requires": {
            "ms": "2.1.2"
          }
        },
        "ms": {
          "version": "2.1.2",
          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
        }
      }
    },

it doesn't even show the dependency, however I get the exact same error.
So in the previous version of npm, the lockfile is just wrong and we have no way to fix this.
This tends to make me think that we shouuldn't worry about npm version and always try to install peerDependencies to be on the safe side (if they are not used, we loose just a bit of space, if they are we prevent mistakes).

If we don't install them, we should have a way to make an override to add a dependency. something like

vite-plugin-svelte = {
   add-missing-deps = {
       buildInputs = old: old ++ [ self.svelte ];
   }
}

(or something like that, I couldn't find a way to manually add a dependency already in the dependency graph).

from dream2nix.

DavHau avatar DavHau commented on June 26, 2024

We can't just try to install peerDependencies by default, because they might not be part of the lock file and then translation will fail.
Though we could install them whenever they are part of the lock file.

You can add dependency edges via the inject parameter. See an example here:
https://github.com/bobanetwork/boba/blob/b6b200d74e6e90c63ade6180adb1c06585c9b77b/flake.nix#L162-L172

from dream2nix.

happysalada avatar happysalada commented on June 26, 2024

very nice secret api!
do they support wildcard ?
at the moment my inject looks like

      inject = {
        "@sveltejs/vite-plugin-svelte"."1.0.0-next.37" = [
           ["svelte" "3.46.4"] ["vite" "2.8.4"]
         ];
        "@tiptap/extension-blockquote"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-bold"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-bubble-menu"."2.0.0-beta.55" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-bullet-list"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-code"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-code-block"."2.0.0-beta.37" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-document"."2.0.0-beta.15" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-dropcursor"."2.0.0-beta.25" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-floating-menu"."2.0.0-beta.50" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-gapcursor"."2.0.0-beta.34" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-hard-break"."2.0.0-beta.30" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-heading"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-highlight"."2.0.0-beta.33" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-history"."2.0.0-beta.21" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-horizontal-rule"."2.0.0-beta.31" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-image"."2.0.0-beta.27" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-italic"."2.0.0-beta.26" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-link"."2.0.0-beta.36" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-list-item"."2.0.0-beta.20" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-ordered-list"."2.0.0-beta.27" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-paragraph"."2.0.0-beta.23" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-strike"."2.0.0-beta.27" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
        "@tiptap/extension-text"."2.0.0-beta.15" = [
           ["@tiptap/core" "2.0.0-beta.174"]
         ];
      };

wondering if I can do something like

      inject = {
        # wildcard to match all versions ?
        "@tiptap/extension-blockquote"."*" = [
           # wildcard to match all versions ? Or perhaps I just don't specify the version ?
           ["@tiptap/core" "*" ]
        # wildcard in the name to match a series of dependencies ?
        "@tiptap/extension-*"."*" = [
           ["@tiptap/core" "*"]
         ];
      };

just wondering about those, no worries if they are not implemented.

from dream2nix.

DavHau avatar DavHau commented on June 26, 2024

That API should be improved and documented. The wildcard idea needs to be added as well.

from dream2nix.

DavHau avatar DavHau commented on June 26, 2024

I'm sorry, I just noticed that my previous comments on this issue are highly misleading. We are in fact installing exactly the dependencies from the lock file. Dependency resolution already has happened by NPM which created the lock-file, Therefore we cannot and should not do anything regarding the peerDependencies.

The problems you were running into @happysalada are due to the build toolchain not being able to cope with symlinks. This requires either patching the toolchain, or using installMethod=copy.

With installMethod=copy + some fixes in #194, the package builds fine without having to use any injects

from dream2nix.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.