Our approach to semver needs to take these factors into consideration. Node.js is certainly no exception our platform has a relatively unique approach to dependencies and our community norms have evolved towards much smaller, fine-grained packages and projects that can be constructed from complex and deep dependency trees. Semver is fairly clear in its specification but there are details that each software community choosing to adopt semver must grapple with in order to make the ideals of semver line up with the practicalities of their platform and the norms of their community. In this article we'll be using the newly introduced caret ^ range specifier to dive deeper into how npm views semver and how we, as Node.js developers, should be thinking about how to version our packages. Peer-depend on, and add it to your package.Our previous article took an introductory look at semver from a Node.js perspective. When writing a plugin, figure out what version of the host package you Peer dependencies are pretty simple to use. Good thing npm was around to help us figure out this conflict, so it could be fixed in version 0.11.7! Using Peer Dependencies Npm ERR! peerinvalid Peer wants ~0.3.0Īs you can see, jitsu depends on two Flatiron-related packages, which themselves peer-depend on conflicting versions Node, you should be ready to use peer dependencies!Īs proof, I present you the results of trying to install jitsu 0.11.6 with npmġ.2.10: npm ERR! peerinvalid The package flatiron does not satisfy its siblings' peerDependencies requirements! Node.js 0.8.19, so if you've installed the latest version of Specifically, they were introduced in a rudimentary form in npm 1.2.0, and refined over the next few releases into Months ago, I finally found a free weekend, and now peer dependencies are in npm! Volunteering to get this done "over the weekend" nine The peer dependency idea has been kicked around for literally years. Only work when plugged in to version 1.2.x of my host package, so if you install me, be sure that it's alongside aĬompatible host." We call this relationship a peer dependency. What we need is a way of expressing these "dependencies" between plugins and their host package. I'll leave the subtle failures that come from the plugin using a different Winston API than the main application to Latest and greatest stuff, so you look up the latest versions of winston and of winston-mail, putting them in yourīut now, running npm install results in the unexpected dependency graph of ├── Its "dependencies" hash, since that's the latest version it was tested against. For example, let's pretend that winston-mail 0.2.3 specified "winston": "0.5.x" in Specifying the dependency in the plugin's package.json would result in a dependency tree with multiple copies of the Possibly plugging in the plugin to a host package that it's incompatible with.Įven for plugins that do have such direct dependencies, probably due to the host package supplying utility APIs, So we'd be back to square one, with your application Package as a dependency, the downloaded copy would never be used. grunt plugins never do require("grunt"), so even if plugins did put down their host Most plugins never actuallyĭepend on their host package, i.e. Usual model, with a "dependencies" hash in package.json, clearly falls down for plugins. Grunt plugins, version 0.3.1 of grunt-contrib-stylus works with grunt 0.4.0rc4, but breaks when used with gruntĪs a package manager, a large part of npm's job when installing your dependencies is managing their versions. Or, in the faster-paced and less-semver–friendly world of For example, versions 1.x and 2.x of my chai-as-promised plugin work withĬhai version 0.5, whereas versions 3.x work with chai 1.x. But more importantly, they're designed to be used with In essence, plugins are designed to be used with host packages. There are many examples of this pattern in theĮven if you're not familiar with any of those use cases, surely you recall "jQuery plugins" from back when you were aĬlient-side developer: little s you would drop into your page that would attach things to jQuery.prototype Package, even though it does not always directly use the host package. A plugin package is meant to be used with another "host" There's one use case where this falls down, however: plugins. Everyone's code works! The Problem: Plugins This is, generally, great: now some-other-library has its own copy of request v1 that it can use, while not Request version 2 and some-other-library, but some-other-library depends on request version 1, the resultingĭependency graph looks like: ├── In particular, it handles sub-dependencies very well: if my package depends on Reposted from Domenic's blog with permission.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |