-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
difference between npm and yarn behavior with nested dependencies #3951
Comments
I wouldn't class this as a bug. We have no strict guarantee on how the hoisting process will put things in the end - for what it's worth, we could implement a I feel like the fix should be on |
@arcanis - No matter how and what we hoist, we should accept anything for |
Yes and no. This is a bit tricky.
So, to sum up: the hoister is about trimming the fat and avoiding filling your disk with garbage - not ensure your dependencies are correctly setup (that's the responsibility of package authors). Ideally, your code should work with no hoisting, or with super-weird hoisting that would create ten levels of indirection. If you don't, it will eventually break, whether it's in Yarn or in another package manager. Of course, we could potentially fix this (most likely not without spending some serious time, and breaking other behaviors). But I fear that by doing so, we would actually enable this kind of "We can do whatever we want, the package managers will have to make it work anyway" behavior, which I think is detrimental to everyone in the long term (Yarn, but also other package managers who would have to have the exact same behavior, and package consumers that would have to use sub-par package managers that can't apply aggressive optimizations because some packages do not play by the rules - we've already been hit by that in a few occasions). 😉 Now, from an implementation viewpoint, here is what causes the behavior described in the OP. First, you have to understand that what we called the "hoister" is actually splitted in two different parts:
So during the first step, both angular versions are resolved to their respective versions, independently from each other, then the hoister tries to merge them, see that their versions don't match, and just doesn't merge them. And as described in the first part of this comment, this is to be expected. If you want them to be merged, you would instead use a |
@sthuck - Okay, we've had an offline chat with @arcanis about this and now I understand why he is right and this is the expected behavior. Here's the thing: hoisting is not a requirement, it is an optional optimization. So if a dependency lists a sub-dependency as Does this make sense? |
@BYK yep. Will open a PR with DefinitelyTyped to fix their dependencies. |
@sthuck have you made this PR? I'm having massive issues right now because |
@TheTedAdams |
I have a further question about
installing
This creates duplicate @types/react dependencies everywhere unless I peg the version of Edit: on further testing it looks like that module resolution changed after deleting yarn.lock and re-generating a brand new one. It was slightly confusing how picking these nested dependencies changed after deleting the lock file. |
@cwmoo740 that is consistent with my experience. |
@cwmoo740 That seems to be a different issue, we should probably fork this discussion in a new ticket. That being said, I've just tested it and got |
@arcanis your suggestion to use peerDependencies wont' work with npm@3, since they no longer install peerDependencies by default. |
I just ran into this issue or something related trying to switch a project for npm to yarn. I needed to delete my node_modules/@types folder and run "npm install" in order to fix the problem. |
Yep, same problem here: in our project we had to revert to Yarn version |
It's not automatic, but you can now use the resolutions block introduced in 1.0.0 to fix this issue manually without messing with yarn.lock! |
Hi everyone :) I slightly lost the overview on this issue. Given the following {
"name": "yarn-star",
"version": "1.0.0",
"private": true,
"dependencies": {
"@types/react": "^15.0.0",
"@types/react-router-dom": "^4.0.7"
}
}
Is there consensus if yarns behaviour is a bug or not? |
@donaldpipowitch doesn't look like a bug to me since |
@BYK Thanks for the feedback. Sorry for pinging you directly @RyanCavanaugh, but maybe you can comment on this? Your comment here microsoft/types-publisher#371 (comment) sounds like this wouldn't be a feasible solution for I personally would favour npm's behaviour. Not just for |
We want a way to say "There should be some version of this dependency installed automatically, but multiple packages can form a consensus to avoid multiple versions from being installed". NPM's |
Thank you @RyanCavanaugh for taking the time. (I'm actually glad that So I guess for TypeScript users or users who want as few modules as possible (e.g. for bundling) the |
@donaldpipowitch I've also had success manually editing the yarn.lock file to force |
This is strictly to fix `yarn` problem of not deduping packages See yarnpkg/yarn#3951 (comment) for more details
This is strictly to fix `yarn` problem of not deduping packages See yarnpkg/yarn#3951 (comment) for more details
Same issue on Linux \ Windows. Different versions of nested packages with yarn |
…wer/cli/node_modules/* Also defining as a peer dependency should fix it. See yarnpkg/yarn#3951
Hi all,
I found a slight difference in behavior between npm (v4) and yarn 0.24.5 to yarn 0.27.5.
my package.json dependencies has something like this:
now
@types/angular-mocks
package.json looks like this:In npm v4 and yarn 0.24.5, the
@types/angular: "~1.5.0"
I have in my package.json, satisfies this dependency, so I have only 1@types/angular
installed, innode_modules/@types/angular
, and it's version is 1.5.23. Which is great.But in yarn 0.27.5, I think the
"@types/angular": "*"
is being interpreted as a dependency on "latest".Whatever the reason is, this causes me to now have 2
@types/angular
packages.Version 1.5.23 in
node_modules/@types/angular
, and version 1.6.26 (latest) innode_modules/@types/angular-mocks/node_modules/@types/angular
. This obviously causes issues for typescript.Im not sure if this is the intended behavior... If it is the intended behavior, and if someone by chance has an idea which commit is responsible for this change, I would love to know. Like I wrote, in 0.24.5 this issue didn't happen. I tried finding it myself but without success.
node: v6.9.5, npm: 4.1.2, yarn: 0.27.5
The text was updated successfully, but these errors were encountered: