[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cyclic npm dependencies
|
From: |
swedebugia |
|
Subject: |
Re: Cyclic npm dependencies |
|
Date: |
Sun, 25 Nov 2018 14:16:36 +0100 |
On 2018-11-24 16:41, Jelle Licht wrote:
Hey swedebugia,
I will still send a more elaborate reply to the general npm-importer
thread later this week, but we can assume that generally these
recursive dependencies can be untangled by looking at the different
versions of the dependencies.
So in your example, I imagine an input chain like:
node-glob 0.1 -> node-rimraf 0.1 -> node-glob 0.2 -> node-rimraf 0.2 ->
.... -> node-glob 1.0 -> node-rimraf 1.0
Thank you for showing me a way forward. I did not think of this :p
While *extremely* annoying to untangle, this is definitely doable.
Problems arise if this chain does not actually exist, which basically
means that we have to hunt down commits [1] which are steps in these
chains. Another complication is the versioning scheme used by many npm
packages, the semver [2] + ranges notation [3]. This makes this kind of
'versioning archeology' even harder to do.
For the case where this chain does exist, I have been working on a
semi-npm-compatible semver parser for guile [4], which I was hoping to
integrate in the npm importer or a standalone tool to assist people
wanting to untangle these dependency chains. The goal would be to
reconstruct the needed versions to package by parsing data in the
package.json files of historic versions of these packages.
Sounds good with a dedicated tool.
For now I concluded:
jquery, browserify, async are off limits because of one or more cycdeps.
Right now I am pursuing rollup and leaflet.
I put all cycdeps aside and intend to publish here in a thread for brave
hackers to work on. ;-)
--
Cheers Swedebugia