-
Notifications
You must be signed in to change notification settings - Fork 3k
Git urls don't allow semver ranges #3328
Comments
If you want that to work, then tag or branch so that |
@isaacs We can walk through tags, though? I believe I proposed this to you in the past. |
Yeah, it's not a good idea, though. Very complicated and weird. If you have loose git deps, then point at a branch, rather than a commit. |
Write a pre-procressor for package.json, call your sourcefile clever-package.json or so. It's a known fact that pre-processors are the solution to just about any gripe you have with the syntax for your platform of choice. ;) But seriously, the pre-processor could fix up the package.json for you so that it points to a real commit. It'd be certainly a useful little tool, if open source. Ideally, npm would have a "preinstallpackages" script hook for this. Then you can be sure that the generated package.json is always up to date before it gets evaluated. |
@isaacs It's certainly not a trivial implementation, but it would be very nice to have feature parity with bower here. |
If we're talking about github only, it's trivial. I can't point out the exact commit, but it was done in visionmedia/npm and yapm a long time ago using github api and gh-lookup. Just run Actual git url's are more tricky than that, because you have to fetch the entire tree before you know what commit hash you need, and there are a few corner cases. But people usually look just for github repos anyway. |
For the record, here is bower's implementation: https://github.com/bower/bower/blob/master/lib/core/resolvers/GitResolver.js#L91 |
Amusingly, although I opened this issue originally, I've now come to agree with @isaacs that this would be "very complicated and weird". I would advise people to just use an npm registry instead of conflating source control with published package management. |
@NickHeiner How's that working out with your private packages? Even today, years since |
npm private package hosting isn't the only one hosting available out there. I'm using private packages for 2 years now, and it works just fine. But git urls are useful for public stuff, if people don't want to use npm registry for one reason or another. |
Link to service provider? |
@jasonkuhrt , if you are looking for a npm-compatible private registry installed on your servers, look at |
@jasonkuhrt, we are hosting our own copy of the npm registry on couchdb. It's painful to maintain at times but generally works. |
how come jspm is able to install git packages using a semver range ? can the same technique not be used ? i think it's just getting the tags using |
being impressed by the richness of node packages and the well working idea of reusable modules I am convinced that this is the very case where having an option of working semvers for git urls is worth extracting the job already done for bower. |
bower.json has no problem with this syntax
I wish I could add a similar syntax to package.json. |
@dehru
Actually latest npm resolves your case correctly. The challenge is the
semver handling ie. git://myrepo.com/mymodule.git#^1.0.5
I mean the caret and tilde chars as range selectors.
|
@dimfeld Thanks for the tip, but unfortunately this won't help with version ranging with UPD: Moreover, we have force push restricted in repos |
@dimfeld thanks for pitching in your strategy! The team I'm in is a small one and as is atm, I think moving the tags would be more complicated (and thus error prone) for everyone to grok correctly than just being thorough with updating platforms. Experience might show me otherwise, and in that case your strategy is probably the soundest one. The only other sane alternative is branches for minor version ranges, as someone suggested earlier. |
Yeah, I agree it's a high-maintenance strategy... It could maybe be automated using a post-commit hook that pulls the package version from As far as ^ and ~ compatibility, my thinking was that using the Ultimately, I agree fully that having official support for semver ranges on git urls would be much better :) |
Honestly, although I highly support npm adding this possibility, why doesn't GitHub itself do this? |
@StephanBijzitter This should be done in npm, not in Github. |
The CLI team still intends to ship this as part of giving hosted Git dependencies as much parity with registry dependencies as is practicable. If somebody wants to take a stab at implementing this, it's mostly in the caching logic (and |
thank you @dimfeld i ended up implementing the same thing for my team as well, only difference is i opted to use v1.1.x and v1.x.x notation to help make obvious to them whats going on with the semver-ing ... works like a charm til semver on git urls is officially supported as far as automation, i have the script that re-creates those tags run anytime i do a "npm run publish-{major,minor,patch}" along with testing, babel transpiling, npm version, etc |
I'm glad it's working well for you @cellvia. Good idea with the v1.x.x style notation. I think I'll start using that too. |
If you really need this feature you can just switch to Yarn utility instead of NPM. It supports regular package.json and has this feature already. Example
|
@ondratra That's exactly what we've ended up with. |
We're closing this issue as it has gone thirty days without activity. In our experience if an issue has gone thirty days without any activity then it's unlikely to be addressed. In the case of bug reports, often the underlying issue will be addressed but finding related issues is quite difficult and often incomplete. If this was a bug report and it is still relevant then we encourage you to open it again as a new issue. If this was a feature request then you should feel free to open it again, or even better open a PR. For more information about our new issue aging policies and why we've instituted them please see our blog post. |
Worth noting this is supported now: https://github.com/npm/npm/releases/tag/v5.0.0 |
It seems broken in npm 5 (at least 5.5.1):
Produces:
|
@SkeLLLa maybe try |
@Yannik yep, it supported actually in >=5.6.0. |
According to the documentation:
I would like to be able use the full semver range syntax for the
commit-ish
part:I'm dependent on git urls because my company uses a number of repos on our internal github instance, and we don't have our own npm registry. (Based on digging through some old issues, it wasn't even clear that setting up our own npm registry would be possible.)
Could I submit a PR for this?
The text was updated successfully, but these errors were encountered: