-
Notifications
You must be signed in to change notification settings - Fork 331
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Peer version pins #1254
Comments
Thank you for bringing this up. The change from "^foo" to "foo" came when migrating aways from Lerna and I never had a good argument for prefering one over the other. I think we can change that.
What I am wondering is: why/how did you get a different version for @cosmjs/tendermint-rpc than @cosmjs/stargate? We release all packages for every new version. |
The relevant yarn docs are here: https://yarnpkg.com/features/workspaces#publishing-workspaces. By specifying the path to the package our internal versions were turned into exact version. |
That’s intriguing. Upon further reflection, I cannot explain the effect I saw in terms of the model I described, so I must have missed something. That said, I’m sure using a semver range is not worse than pinning. Thank you for looking into this! |
Shipped as part of CosmJS 0.29.0 |
All
@cosmjs
packages are coversioned and pin their peer dependencies to the same exact version.CosmJS packages also use TypeScript classes with private fields, which makes them particularly sensitive to identity and type discontinuity. That is to say, an application’s lockfile and
node_modules
tree can only have one version of each CosmJS package or they will see type errors of the form “Tendermint34 RPC client can’t be assigned to Tendermint34 RPC client because private field X is not X.” The only difference will be that the left and right Tendermint34 clients will come from different versions of the same package.To that end, applications and libraries using CosmJS must also pin to the exact same version of each package and must not use semver ranges. That also means that any libraries being used with CosmJS must transitively be pinned so that any pair of libraries can reliably refer to the same instance.
At Agoric, we used a semver range for
@cosmjs/stargate
and@cosmjs/tendermint-rpc
. That resulted in our packages receiving a newer version oftendermint-rpc
than the one pinned instargate
, sostargate
got its own version. This in turn resulted in type discontinuity errors. Semver ranges are the default behavior ofyarn
andnpm
when installing new packages.This problem can be mitigated a number of ways:
The text was updated successfully, but these errors were encountered: