Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Zod version breaks the existing versions when using yarn #169

Closed
RobinTail opened this issue Oct 18, 2021 · 3 comments · Fixed by #170, #172 or #173
Closed

New Zod version breaks the existing versions when using yarn #169

RobinTail opened this issue Oct 18, 2021 · 3 comments · Fixed by #170, #172 or #173
Assignees
@RobinTail
Labels
bug Something isn't working CI/CD

Comments

@RobinTail
Copy link
Owner

Suddenly I found out that yarn does NOT respect yarn.lock files of sub-dependencies. So the version of zod defined in my yarn.lock file does not actually mean anything when doing yarn add express-zod-api.

Related issue: yarnpkg/yarn#4928

https://classic.yarnpkg.com/blog/2016/11/24/lockfiles-for-all/

When you publish a package that contains a yarn.lock, any user of that library will not be affected by it. When you install dependencies in your application or library, only your own yarn.lock file is respected. Lockfiles within your dependencies will be ignored.

Holy Moly!

The version of Zod 3.10.x seems to have some breaking changes and it should not be installed according to my lock file included to the package distribution, but yarn installs this version along with my library and it causes the following error.

/node_modules/zod/lib/types.js:82
           path: params?.path || [],
                        ^

SyntaxError: Unexpected token '.'
@RobinTail RobinTail added bug Something isn't working CI/CD labels Oct 18, 2021
@RobinTail RobinTail self-assigned this Oct 18, 2021
@RobinTail RobinTail mentioned this issue Oct 18, 2021
Merged
@RobinTail RobinTail linked a pull request Oct 18, 2021 that will close this issue
Locking the dependency versions in package.json. #170
Merged
@RobinTail
Copy link
Owner Author

Still need to fix the same issue for v1

@RobinTail RobinTail reopened this Oct 18, 2021
@RobinTail RobinTail mentioned this issue Oct 18, 2021
Merged
@RobinTail RobinTail linked a pull request Oct 18, 2021 that will close this issue
Locking the dependency versions in package.json for v1. #172
Merged
@RobinTail
Copy link
Owner Author

Preparing to release the fix...

@RobinTail
Copy link
Owner Author

The issue has been fixed in versions 2.8.1 and 1.3.3.

@RobinTail RobinTail mentioned this issue Oct 18, 2021
Merged
@RobinTail RobinTail linked a pull request Oct 18, 2021 that will close this issue
Integration test #173
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RobinTail RobinTail

Labels
bug Something isn't working CI/CD
Projects
None yet
Milestone
No milestone
1 participant
@RobinTail