-
-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade: Install/Add Storybook dependencies the default way #28572
base: next
Are you sure you want to change the base?
Upgrade: Install/Add Storybook dependencies the default way #28572
Conversation
With this change we are respecting the user's setting related to how dependencies should be saved to the package.json. The default behaviour is adding a caret to dependencies when added to the package.json. People can override this behaviour by defining them in, for example, a `save-exact=true` setting in their .npmrc file.
☁️ Nx Cloud ReportCI is running/has finished running commands for commit 1c5424b. As they complete they will appear below. Click to see the status, the terminal output, and the build insights. 📂 See all runs for this CI Pipeline Execution ✅ Successfully ran 1 targetSent with 💌 from NxCloud. |
return monorepoDependencies.map((dependency) => { | ||
let char = '^'; | ||
if (isCLIOutdated) { | ||
char = ''; | ||
} | ||
if (isCanary) { | ||
char = ''; | ||
} | ||
/* add ^ modifier to the version if this is the latest stable or prerelease version | ||
example outputs: @storybook/react@^8.0.0 */ | ||
return `${dependency}@${char}${versions[dependency]}`; | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See here:
#28579 (review)
When @yannbf was testing the behavior on his machine we observed yarn
behave very differently from when we tested a similar command on your machine with npm
.
The problem is that package managers do different things.
npm
will install the exact version, in the lockfile, but add a caret in the package.json
file
yarn however, will add the exact version to the
package.json`.
The industry standard is to have ^
ranges in package.json
and ensure versions do not drift unexpectedly using lockfiles.
We want to ensure this behavior is held true, for all package managers.
Here's why me and @JReinhold ended up with the code above:
- In the case of
@latest
isCLIOutdated
will befalse
, andisCanary
will befalse
too.
Meaning we add the^
and manually write that to thepackage.json
We can safely do this, becauselatest
islatest
, the subsequent install command will install the same version, because nothing higher can exist. - In the case of someone installing
@next
, both will befalse
again. Actually that behavior might be wrong. The caret will be added, meaning you might get a lateralpha
then you asked for. - In the case of a canary, the
isCanary
will be true, and no caret will be added.
Due to this being manually written topackage.json
, the behavior from all the package manager will be consistent. - In the case of an specific version, the
isCLIOutdated
will betrue
, and cause the^
not to be printed.
I hope this explains a bit why it was chosen to manually write to package.json
, instead of letting them do as they do... their behavior is inconsistent, and the upgrade experience would be different between using npm
and yarn
.
If we're going to fix the bug here: #28569
..then we need to make absolutely sure, that the upgrade behavior is as is expected in every package manager we support.
The code below will not do that.
Closes #28569
What I did
With this change we are respecting the user's setting related to how dependencies should be saved to the package.json. The default behaviour is adding a caret to dependencies when added to the package.json. People can override this behaviour by defining them in, for example, a
save-exact=true
setting in their .npmrc file.Checklist for Contributors
Testing
The changes in this PR are covered in the following automated tests:
Manual testing
This section is mandatory for all contributions. If you believe no manual test is necessary, please state so explicitly. Thanks!
Documentation
MIGRATION.MD
Checklist for Maintainers
When this PR is ready for testing, make sure to add
ci:normal
,ci:merged
orci:daily
GH label to it to run a specific set of sandboxes. The particular set of sandboxes can be found incode/lib/cli/src/sandbox-templates.ts
Make sure this PR contains one of the labels below:
Available labels
bug
: Internal changes that fixes incorrect behavior.maintenance
: User-facing maintenance tasks.dependencies
: Upgrading (sometimes downgrading) dependencies.build
: Internal-facing build tooling & test updates. Will not show up in release changelog.cleanup
: Minor cleanup style change. Will not show up in release changelog.documentation
: Documentation only changes. Will not show up in release changelog.feature request
: Introducing a new feature.BREAKING CHANGE
: Changes that break compatibility in some way with current major version.other
: Changes that don't fit in the above categories.🦋 Canary release
This PR does not have a canary release associated. You can request a canary release of this pull request by mentioning the
@storybookjs/core
team here.core team members can create a canary release here or locally with
gh workflow run --repo storybookjs/storybook canary-release-pr.yml --field pr=<PR_NUMBER>