Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lock dependencies #12

Closed
ysbaddaden opened this issue Jun 28, 2015 · 4 comments · Fixed by #27
Closed

Lock dependencies #12

ysbaddaden opened this issue Jun 28, 2015 · 4 comments · Fixed by #27
Assignees
@ysbaddaden
Labels
kind:feature
Milestone
v0.4.0

Comments

@ysbaddaden
Copy link
Contributor

Shards is missing a mechanism to lock the state of installed dependencies, so installs could be repeatable, always installing the same exact set of dependencies across developer machines, CI, ...

The format of the lock file is undecided. I think it should contain the flattened list of dependencies, along with their Git URL and either the version or Git commit (if a git tag/commit/branch refs is specified).

The lock file will impact the install command which must abide to the locked versions/refs and do its best to install new dependencies that match. The lock file may be seen as an initial set of requirements for dependencies —yet not be injected as dependencies, which could install removed dependencies.

The update command must not be impacted, but must generate the lock file.
@ysbaddaden ysbaddaden modified the milestone: v0.4.0 Aug 2, 2015
@ysbaddaden ysbaddaden mentioned this issue Sep 3, 2015
Closed
@ysbaddaden ysbaddaden self-assigned this Sep 3, 2015
@ysbaddaden ysbaddaden mentioned this issue Sep 4, 2015
Merged
10 tasks
@jhass
Copy link
Member

jhass commented Sep 9, 2015

We probably should also aim for defining a formal format for the lockfile in the midterm too so we can ease retaining backwards compatibility when we have to do changes or additions to it.

@ysbaddaden
Copy link
Contributor Author

Yes, probably.

For now it's merely a list of dependencies with either a version requirement or a commit sha1. Maybe we should have them under a shards key instead? That would leave space to add other data (like a shards version number, or something).

@jhass
Copy link
Member

jhass commented Sep 9, 2015

Yes, that sounds like a good idea. Maybe we should just version the lockfile independently, so if worst comes to worst we can have entirely different codepaths for legacy versions.

version: 0.1.0
shards:
  - source: ...
    version: ...

Or so (didn't look at the current version tbh :P)

@ysbaddaden
Copy link
Contributor Author

Almost:

version: x.y.z
shards:
  name:
    github: url
    version: x.y.z
  name:
    git: url
    commit: <sha1>

@ysbaddaden ysbaddaden mentioned this issue Sep 9, 2015
Closed
@duraki duraki mentioned this issue Nov 11, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ysbaddaden ysbaddaden

Labels
kind:feature
Projects
None yet
Milestone
v0.4.0
Development

Successfully merging a pull request may close this issue.

Lock file implementation crystal-lang/shards
3 participants
@ysbaddaden @jhass @straight-shoota