NPM should install satisfying version (or fail) #3305

Closed
vojtajina opened this Issue Apr 2, 2013 · 5 comments

Comments

Projects
None yet
4 participants

log4js@0.5.8 runs only on Node 0.8
log4js@0.6.1 runs only on Node 0.10

karma depends on log4js and aims to support both Node 0.8 and 0.10, so it specifies:

dependencies: {
  "log4js": "~0.5.8 || ~0.6.1"
}

NPM should install either 0.5.8 (when installing on Node 0.8) or 0.6.1 (when installing on Node 0.10).

It however installs ALWAYS 0.5.8 and displays WARN (if Node 0.10).

vojtajina referenced this issue in paulmillr/chokidar Apr 2, 2013

@vojtajina vojtajina referenced this issue in karma-runner/karma Apr 2, 2013

Closed

Upgrade to Node.js 0.10 #400

Contributor

paulmillr commented Apr 2, 2013

IMO this is like browser UA spoofing. We spoof for features, not versions.

@paulmillr agree, however "version" is kind of an alias for huge number of features... so it's easier to say I depend on 0.10, rather than listing all the features that could possible change.

@isaacs What is the current thinking behind the "engine" property in package.json ?

Contributor

luk- commented Apr 4, 2013

I don't think this will ever happen (and I definitely don't think it should).

If the dependency you are using is not backwards compatible and you need it to be, then submit a patch, or maintain your own fork. Package manager dependency duplicity is an indicator of code smell.

Member

mfncooper commented Apr 6, 2013

The engine field is entirely advisory. In the old days, npm used to consider it an error if there wasn't a package version available for the running version of Node. In a perfect world, that's probably the right thing to do. However, the world isn't going to be perfect any time soon, and this turned out to be a major pain for all involved. Hence it became advisory, and it's up to the user to determine whether to heed the warning or ignore it.

@luk- luk- closed this Apr 10, 2013

bitwiseman pushed a commit to bitwiseman/karma that referenced this issue Sep 10, 2014

chore: install log4js manually (on Node 0.10)
Workaround for npm/npm#3305

This is cherry-picked commit from stable branch (707684b)

Conflicts:
	package.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment