out-dated peer dependencies between repository libraries

[esakal]

Hello,
Thanks for the great library. We need an advice.

We have 3 libraries, each has its own version. this is how we setup each library:

 "version": {
          "executor": "@jscutlery/semver:version",
          "options": {
            "baseBranch": "master",
            "commitMessageFormat": "ci: release version ${version} [skip ci]",
            "postTargets": ["ui-components:publish", "ui-components:github"]
          }
        },     
        "github": {
          "executor": "@jscutlery/semver:github",
          "options": {
            "tag": "${tag}"
          }
        },
        "publish": {
          "executor": "ngx-deploy-npm:deploy",
          "options": {
            "access": "public"
          }
        }

Our setup is aligned to the suggestion in readme.md, but we noticed that in NPM packages we have outdated peer dependencies between our libraries.

It happens because this library updates the version of the libraries under dist folder during the bumping process but it doesn't update the peer-dependencies versions so it results in outdated versions for peer-dependencies.

{
  "name": "@kep-ui-kit/ui-components",
  "version": "3.0.0", <-- this is the correct version after the bump process
  "peerDependencies": {
    "@kep-ui-kit/ui-theme": "1.0.0", <-- those are the values that were there when we ran the build before running the semver
    "@kep-ui-kit/ui-icons": "1.0.0"
  }
}

Although the target publish is not part of this library, as it is being executed as postTarget right after this one, we cannot interfere in the middle. We tried but it didn't help because we need first to run the version on all of them and then run targets github and deploy only on those with the changes.

Just to note that peer-dependencies are added automatically for inner dependencies during the nx build process npx nx run-many --target=build --prod --projects=ui-theme,ui-icons,ui-components

I believe others has the same need, so maybe we missed something in the configuration?

Thanks!

[edbzn]

Semver does not support bumping peer dependencies in the workspace (like Lerna does). It could be a new feature that we can discuss.

[dbpieter]

For my use case this is pretty crucial as well! I'm mainly using nx + semver as a build tool for an angular library. If I make at change to a library and then also version and publish it's dependants (through nx affected) it should also update the peerdeps. Otherwise consumers won't know which version of peer deps to install and always get warnings on it.

[cakeinpanic]

Hi!
I ran into same issue and just created my own bash script which I run after successfully bumping version for a lib which is used as a dependency in other libs.
I have basic components and angular and react wrappers distributed as a separate libs.
package.json of angular library looks like this

{
	"name": "angular-b2b-components",
	"version": "3.3.0",
	"dependencies": {
		"ui-components": "3.3.0"
	}
}

So each time I bump ui-components version I need to also bump it here

With the script I wrote my git log looks like this.

Here is the script. it requires you to install jq (brew install jq).
It presumes that you have a standard nx folder structure: libs having all libraries inside of it

#!/bin/bash

replace_version () {
  folder=$1
  version=$2
  cd ../$1

  oldVersion=` jq -r '.dependencies."ui-components"' package.json`

  nextPatch=$(echo ${oldVersion} | awk -F. -v OFS=. '{$NF += 1 ; print}')
  echo "new: $version, old: $oldVersion, nextPatch: $nextPatch"
  updatedPackage=`cat package.json | jq  --arg version "$version" '.dependencies."ui-components"=$version' | unexpand -t2`
  echo "$version"
  echo "$updatedPackage" > package.json
  if [ "$nextPatch" = "$version" ]; then
      commitPrefix="fix"
  else
     commitPrefix="feat"
  fi
  echo "commit prefix for $folder is $feat"
  git add package.json
  git commit -m "${commitPrefix}(ui-components): update ui-components dependency in ${folder}"
}

cd libs/ui-components
version=`jq -r '.version' package.json`
echo "ui-components version is: $version"
replace_version "react-b2b-components" "$version"
replace_version "angular-b2b-components" "$version"

[mrsufgi]

@cakeinpanic, thank you for the script; however, don't you think it will be a good idea to have this library do it for you? Updating dependencies is basic. Without it, --trackDeps kinda miss the point, no?

if LibA requires LibB in a monorepo and the was a change in LibB, both are being published to NPM. Now, if you didn't update "dependencies" in package.json for LibA. a user install and get the old dep.

doing it "adhoc" for packages makes it unusable really.
sounds like a feature request?